Information Assurance Professional (IAP)

About The Position

Requirements

• Requires a Bachelor’s degree in Engineering, or a related Science, Technology or Mathematics field.
• Also requires 2+ years of job-related experience. or a Master's degree and 6 months of job-related experience.
• Department of Defense Secret security clearance is required at time of hire.
• Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information.
• Due to the nature of work performed within our facilities, U.S. citizenship is required.
• Proficient understanding of cyber security specifications such as Risk Management Framework (RMF), JSIG (Joint SAP Implementation Guide), ICD-503, NIST SP 800-53.
• Experience implementing government security requirements to include technical computer/network system auditing
• Trained and proficient in Assured File Transfer (AFT) processes and tools
• Experience with various security assessment/hardening tools - STIGs, SCAP, ACAS, Nessus, etc.
• Very strong writing, speaking, analytical, and customer service skills
• Ability to participate in or lead security work groups
• Must be a self-starter capable of multitasking and efficiently managing your time in a dynamic environment while requiring minimal levels of supervision
• Maintains contact with external customer security professionals
• This role requires a technical background creating POA&Ms, developing corrective action plans, and writing security plans, policies, and procedural documentation (not just reviewing or performing documentation review)

Nice To Haves

• Systems administration experience is highly desirable
• Demonstrated comprehensive knowledge of the NISPOM, JSIG, ICD-503, NIST SP 800-53 and CNSSI 1253
• DoD 8140 IAM-II level professional certification (i.e. Security + CE, CAP, GSLC) or ability to obtain within six (6) months of hire.

Responsibilities

• Supports system security categorization efforts, security requirements selection/analysis, security control assessments and performs continuous monitoring.
• Executes or supports the execution of A&A activities, including development of required security documentation, including items such as System Security Plans, Security Assessment Reports, SCTM’s and POA&Ms in compliance with IA policy
• Perform weekly system audit reviews, media reviews, hardware/software configuration management
• Executes security testing and evaluation to ensure correct implementation of security controls
• Supports the assessment and mitigation of vulnerabilities throughout a systems life cycle
• Conduct IA security education training for all system users on appropriate risk mitigation strategies
• Perform incident response and cleanup actions, when necessary, per company or customer directions
• Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and procedures outlined in the System Security Plan (SSP).
• Assume ISSM responsibilities as assigned by the Region Manager and/or in the absence of the ISSM

Benefits

• We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose.
• You will also enjoy a flexible work environment where contributions are recognized and rewarded.