Jr. Information Assurance Specialist (Krozak)

About The Position

Requirements

• Associates Degree or higher in Information Technology/Cyber Security degree and/or minimum of 1-2 years of experience.
• Experience with hardening and patching.
• Experience with managing system configurations.
• Experience working with NIST Risk Management Framework.
• Ability to understand, interpret and implement NIST policy.
• Excellent interpersonal communication skills are essential.
• Ability to work independently in an autonomous environment.
• Security+, CASP+, or CISSP certification (or comparable certification) required.

Nice To Haves

• Experience with ACAS, eMASS and CMRS desirable.

Responsibilities

• Work with system owners and system administrators to audit standard operating procedures, checklists and policies.
• Review and analyze audit logs to ensure compliance with the Security Technical Implementation Guide (STIG) and Information Assurance Vulnerability Alerts (IAVAs) in support of achieving and maintaining authorization to operate.
• Review and audit system configuration management; including system documentation, user manuals, and database versions.
• Define policies to ensure and audit control of system access, user accounts, and other best practice security controls are in place to maintain existing Authority To Operate (ATO), physical security, and required protection of sensitive or classified information.
• Ensure RMF compliance with SOPs, media sanitation procedures, contingency planning, incident response and insider threat policies and protocols.
• Audit and manage-to-completion all outstanding open compliance items to completion and/or risk acceptance.
• Review and ensure compliance with information security boundaries through interconnection security agreements and service level agreements.
• Understand and monitor agreements with FedRamp cloud and services providers and associated controls.