Information Assurance Technician

About The Position

Requirements

• 1+ years of experience performing Information Assurance (IA) controls analysis, testing, and risk assessments
• 1+ years of experience with Nessus, Nmap, Burpsuite, Linux security (RHEL7), AWS cloud security
• Working knowledge of eMASS (Enterprise Mission Assurance Support Service)
• Knowledge of NIST SP 800-53 and 800-37, CNSSI 1254, and other VA Risk Management policies
• Ability to identify and evaluate major applications, infrastructure, enclaves, and Enterprise environments based on accreditation boundaries
• Knowledge of defense-in-depth and other information security and assurance principles and associated supporting technologies
• Familiarity with the use of vulnerability scanning and assessment tools necessary to identify and document compliance
• Capable of providing thoughtful feedback to the ISO, ISSO and other VA Cyber Security leadership in to identify risks, communicate recommended courses of action, and recommend process improvements

Nice To Haves

• Experience with VA Cyber Security
• Ability to work as an independent security practitioner and participate in a small team of security personnel reviewing the same system
• Ability to communicate effectively both verbally and in writing
• Ability to organize, analyze, and write technical documents that can be understood by non-technical individuals
• Experience with Prisma Cloud/Twistlock and containerization

Responsibilities

• Track efforts and perform tasks related to A&A within VA to ensure assigned information systems, devices, and networks can obtain and maintain Authorization to Operate (ATO) and other decisions.
• Plan, coordinate, and lead teams to conduct assessments of information systems and networks to identify vulnerabilities, risks, and security requirements in accordance with the VA A&A process.
• Test CCIs, validate Security Plans, provide weekly status updates, and perform extensive work in eMASS packages.
• Support VA SCARs, the VA Security Control Assessor (SCA), and other VA cybersecurity leadership in the execution and enforcement of VA Cyber Security and RMF process.