Information Assurance Specialist
About The Position
Information Assurance Specialist - Hybrid (Suitland, Maryland). BizFirst is assisting our client with recruiting an Information Assurance Specialist - Hybrid (Suitland, Maryland). This position will provide accreditation and authorization support and guidance for a government client. The selected candidate will join a collaborative team environment, provide technical analysis, auditing, and guidance to support accreditation deliverables, and communicate system environment status clearly to staff at all levels. Our client is a workforce solutions firm that supports government agencies and commercial organizations with recruiting, staff augmentation, subcontracting, and proposal-related support. The firm works across IT, intelligence, healthcare, construction, and related sectors, with a focus on connecting organizations with qualified professionals who can support mission and project needs.
Requirements
- U.S. Citizen.
- Active Top Secret (TS) clearance with SCI eligibility.
- College degree or higher in Information Technology, Cybersecurity, or a related field.
- Minimum of 3+ years' relevant experience in information assurance, cybersecurity, RMF, accreditation and authorization, or system security compliance.
- Experience with system hardening and patching.
- Experience managing system configurations.
- Experience working with the NIST Risk Management Framework (RMF).
- Ability to understand, interpret, and implement NIST policy.
- Excellent interpersonal communication skills.
- Ability to work independently in an autonomous environment.
- Security+, CASP+, CISSP, or comparable certification required.
Nice To Haves
- Experience with ACAS, eMASS, and CMRS is desirable.
Responsibilities
- Support accreditation and authorization efforts by auditing security procedures, reviewing system compliance, monitoring RMF-related controls, and helping maintain the documentation and evidence needed to support an Authority to Operate (ATO).
- Work with system owners and system administrators to audit standard operating procedures, checklists, and policies.
- Review and analyze audit logs to ensure compliance with Security Technical Implementation Guides (STIGs) and Information Assurance Vulnerability Alerts (IAVAs) in support of achieving and maintaining authorization to operate.
- Review and audit system configuration management, including system documentation, user manuals, and database versions.
- Define, review, and audit policies to help ensure system access, user accounts, and other security controls are properly managed.
- Support the maintenance of existing Authority to Operate (ATO), physical security controls, and required protection of sensitive or classified information.
- Ensure RMF compliance with SOPs, media sanitation procedures, contingency planning, incident response, and insider threat policies and protocols.
- Audit and manage all outstanding open compliance items through completion and/or risk acceptance.
- Review and ensure compliance with information security boundaries through interconnection security agreements and service level agreements.
- Understand and monitor agreements with FedRAMP cloud and services providers and associated controls.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
