Information Assurance Specialist
About The Position
Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to the Army. In all of this “cyber noise,” how can these organizations understand their risks and how to mitigate them? The answer is you. We need your knowledge as an information security risk specialist to help break down complex threats into manageable plans of action. As an information security risk specialist on our team, you’ll work with Army leaders to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You’ll integrate secure practices such as PKI integration, Identity and Access Management, multi-factor authentication, service-oriented architectures, and network or web-related protocols. You'll also apply National Institute of Standards and Technology (NIST) security controls, governance, risk management, and compliance security documentation tool, and the Risk Management Framework. Work with us as we protect our military’s enterprise networks. Join us. The world can’t wait.
Requirements
- 3+ years of experience as an ISSO or Information System Security Analyst (ISSA)
- 3+ years of experience conducting tools assessments and configuration analysis against best practices, vendor specifications, and government security guidelines and requirements
- Experience with the implementation, oversight, and maintenance of security configuration, practices, and procedures for systems
- Experience implementing controls from NIST 800-53
- Experience with eMASS or Xacta IA Manager
- Ability to perform risk analysis
- TS/SCI clearance
- HS diploma or GED
- DoD 8570 IAT Level II Certification, such as CCNA-Security, Security+ CE, CySA+, or SSCP Certification
Nice To Haves
- Experience with DoD security technical implementation guides (STIGs), checklists, and testing tools, including STIG Viewer, SCAP, and ACAS scanning tool
- Experience assessing configuration changes such as new COTS tools or web application upgrades to the system security boundary
- Experience drafting tool implementation CONOPS and reviewing tool or capabilities topologies, CONOPS, and vulnerability scans to assess risk
- Experience with cyber-related tools such as Ansible, Terraform, Splunk, or STIG Viewer
- Ability to plan and conduct security authorization reviews and assurance case development for the initial installation of systems and networks
- Ability to work within a collaborative team, and a fast-paced and dynamic environment
- Possession of excellent written, organizational, presentation, and verbal communication skills
- Cyber management certifications, including CGRC, CISM, or CISSP Certification
Responsibilities
- Work with Army leaders to discover their cyber risks, understand applicable policies, and develop a mitigation plan.
- Integrate secure practices such as PKI integration, Identity and Access Management, multi-factor authentication, service-oriented architectures, and network or web-related protocols.
- Apply National Institute of Standards and Technology (NIST) security controls, governance, risk management, and compliance security documentation tool, and the Risk Management Framework.
- Assess configuration changes such as new COTS tools or web application upgrades to the system security boundary.
- Draft tool implementation CONOPS and review tool or capabilities topologies, CONOPS, and vulnerability scans to assess risk.
- Plan and conduct security authorization reviews and assurance case development for the initial installation of systems and networks.
Benefits
- health, life, disability, financial, and retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED
