JOIN THE TEAM TODAY!
Our reputation is built on the skills and successes of our employees.
Information Assurance/Security Specialist (Senior)
Learn more about this opportunity below: 6740-DC3III - Information Assurance/Security Specialist (Senior)
Location: Quantico, VA
• Demonstrated Risk Management Framework (RMF) experience
• Experience with IA/Cybersecurity policy implementation
• Experience with AirForce policy
• Experience handling Federal C&A activities to include experience with eMASS (submission, validation and updates as needed)
• Experience performing computer systems security risk analysis and assessment.
• Experience implementing and validating Security Technical Implementation Guidance (STIG) and Security Requirements Guidance (SRG) for applications, familiarity with DOD network architecture and network engineering practices, hardening Windows/LINUX operating system
• DoD knowledgeable in EMASS, ACAS, HBSS, and STIGS experience
• TS Clearance with ability to obtain SCI
• DOD 8570/8140 Certification: (CISSP, CISM, GSLC, CASP, CAP)
• Experience with Department of Defense Test & Evaluation (T&E) practices for Cybersecurity to include validation of Security Control Requirements, STIG/SRG/Customer Centric requirements and document findings in a formalized reporting format.
• Experience analyzing and defining security requirements.
• Strong analytical and organizational skills with excellent communication skills (written and verbal communications) and have the ability to work in a dynamic work environment.
• FISMA experience
• Exceptional communication, interpersonal, problem solving, analytical and organizational skills.
• Ability to work well both independently and as part of a team.
This surge position is thorugh January 18, 2022.
Applies Information Technology (IT) security principles, methods, and security products to protect and maintain the availability, integrity, confidentiality, and accountability of information system resources and information processes through the system's lifecycle. Establishes organizational processes to manage the COMPUSEC program and provides advice and guidance in its implementation and in procedures used in the development and operation of systems. Conducts risk assessments to identify possible security violations by analyzing computer assets and establishes security requirements based on possible countermeasures to achieve and optimum level of security. Develops plans designed for computer security emergency response, backup, and recovery operations. Responsible for defining security policy requirements for operational systems as well as systems under development. Disseminates information and ensures computer security practices are adhered to command wide. Carries out activities leading to security assessment and authorization including providing guidance and assistance in accordance with the Risk Management Framework. Reviews, documents, and prepares assessment and authorization packages prior to submission to higher level authorization officials.
While some focus on operational cybersecurity compliance is desired, this position is to focus on the authoring, review, and publishing the cybersecurity plans, gathering artifacts, and controls needed for authorization packages. Some oversight of the operational cybersecurity bodies is necessary such as checking STIG compliance, however, applying STIGs personally is not the focus of this position - instead this position would focus on the authoring of POA&Ms for unapplied / incorrect STIGs for instance. This position is for strategic cybersecurity, not operational cyber.
Alliant LCAT Description:
Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others.
18-22 years of professional experience without a degree; or 10-14 years of professional experience with a Bachelors degree from an accredited college in a related discipline, or equivalent experience/combined education; or 8-12 years of professional experience with a related Masters degree; or 4 years of professional experience required with a related PhD or JD; Considered an emerging authority / authority in discipline. Consideration should always be given for the level of specific domain expertise.