Information Systems Architect -Mid (w/ active Secret)

About The Position

Requirements

• Active Secret clearance or higher
• High school Diploma or General Equivalency Diploma (GED) with 5+ years of related experience
• Experience with Department of Defense Information Assurance Program (DIACAP) and Risk Management Framework (RMF).
• Experience with SharePoint Online and/or on-prem
• Experience with Power Platform (Power Apps, Power Automate)
• Experience with Basic SPFx or front-end development (JavaScript, HTML, CSS)
• Experience with Microsoft 365 tools and integrations
• Must possess an active DoD Secret Clearance.
• Selected candidate must undergo background investigation (BI) and finger printing by the federal agency and successfully pass the preceding to qualify for the position.
• US CITIZENSHIP IS REQUIRED

Nice To Haves

• IAT level II certification
• Must possess Information Technology Infrastructure Library (ITIL) version 3 Foundation certification

Responsibilities

• Assist the Government Lead in daily tasks to ensure all systems have current Authorizations to Operate (ATOs).
• Facilitate Assessment and Authorization (A&A) for Information Systems, data availability, integrity, authentication, confidentiality, and non-repudiation.
• Through A&A review processes, ensure security measures are implemented for communication systems, networks, and provide advice that systems and personnel adhere to established security standards and Governmental requirements for security on these systems.
• Develop and execute security policies, plans, and procedures.
• Initiate creation of A&A packages to support receipt of Authorizations to Operate (ATOs), collaborate with Engineers to gather required information for A&A packages, and update A&A packages as required.
• Perform lifecycle maintenance of A&A packages ensuring ATOs do not expire without proper updates.
• Update the appropriate documentation for the Agency Application & Database Management System (DADMS) and Department of Defense Information Technology Portfolio Repository.
• Submit Ports and Protocols with all supplemental documentation to DISA for approval.
• Submit tickets to initiate action from Headquarters Command, Control, Communications, and Computers (C4) Cybersecurity Division (CY) for approval.
• Ensure appropriate action is taken in a timely manner by appropriate point of contact (POC) within the A&A packages.
• Assist with validation of A&A packages as required by the Government.
• Review and provide input for Operational Plan of Action and Milestones (POA&M) for submission to Action Officer (AO).
• Conduct vulnerability scans using Assured Compliance Assessment Solution (ACAS) and assist Engineers in documenting system vulnerabilities.
• Vulnerability management duties include, but are not limited to, using Tenable SecurityCenter and Nessus scanners, RedSeal, BigFix, Security Content Automation Protocol (SCAP) Compliance Checker (SCC) Tool, HP Fortify, other automated tools, and manual inspections to identify vulnerabilities; documenting vulnerabilities in the RSA Archer eGRC system; reporting vulnerability statistics.

Benefits

• 100% premium coverage for Medical, Dental, Vision, and Life Insurance
• Supplemental Insurance
• 401K matching
• Flexible Time Off (PTO/Holidays)
• Higher Education/Training Reimbursement