Information Assurance Security Specialist - Senior (A&A)
Performs assessment and authorization coordination.
Advises and assists the customer with Risk Management Framework (RMF) and develops a Plan of Action and Milestones for resolving network deficiencies in accordance with DODI 8510.
01.
The duties of this task include assessing network compliance against controls listed in DODI 8500.
2 and creating A&A packages.
The end goal is to ensure the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities.
General duties include:
oAnalyze, evaluate, and build an accreditation roadmap for new SIE networks and systems.
oDevelop and maintain supporting documentation for new networks, systems, and technologies as they are introduced into the SIE.
oDevelop and review the A&A of SIE networks, systems, services, devices, hardware, and software using the DoD & IC RMF to obtain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC).
oProvide DoD & IC RMF subject matter expertise to USSOCOM, its Component Commands, TSOCs, deployed forces and their delegates, including other Contractors, and assist with the development and execution of the RMF program at USSOCOM, its Component Commands, TSOCs, and deployed forces.
oMaintain, track, and validate DISN and DIA connection approval packages, including those from USSOCOM, its Component Commands, TSOCs, and other subordinate organizations.
oPerform risk and vulnerability assessments of IT and IS for accreditation; prepare risk assessment reports for submission to the Security Controls Assessor/Certification Authority (SCA/CA) and Authorizing Official/Designated Accrediting Authority (AO/DAA) in accordance with DoD, DIA, USCYBERCOM, USSOCOM, Component Command, TSOC, and deployed forces' policies, procedures, and regulations.
oAssist USSOCOM, its Component Commands, TSOCs and deployed forces with the enforcement of A&A, as well as DoD, DIA, USSOCOM, Component Command, TSOC, and deployed forces' connection standards for networks and systems.
oTrack and maintain A&A databases, web sites and tools to ensure that networks, systems and devices are properly documented and managed from a security perspective.
oEnsure timely notifications are made to responsible individuals and organizations in order to prevent lapses in accreditations (e.
g.
, 30, 60, and 90 day notices).
oDevelop and maintain an Information Security Continuous Monitoring (ISCM) Plan.
This plan shall address ongoing awareness of information security, vulnerabilities, security controls, and threats to support organizational risk management decisions.
oCoordinate with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to support the resolution of issues with security, A&A, connection approvals, and waiver requests.
oPerform network security authorization, as well as the application and execution of policy, including project management support services.
Advise USSOCOM, its Component Commands, TSOCs, and deployed forces on network and system risks, risk mitigation courses of action, and operationalAdditionally, the Information Assurance Security Specialist should be able to perform security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool.
The Information Assurance Security Specialist will liaison with network and system administrators to correct identified deficiencies.
The Information Assurance Security Specialist will also scan (or review scans) for new systems and applications being introduced into the SOF environment, identify issues, and draft certification letters for the government.
The contractor will liaison with the Site Integration Facility (SIF) to ensure systems and application meet the standards in the DISA Security Technical Implementation Guides (STIG).
Minimum Education/Experience Requirements:
oBachelor's Degree in computer or systems science discipline and eight (8) years of progressive, relevant experience or equivalent combination of education and experience.
oExperience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.
oDOD Information Assurance Manager (IAM) Level 2 certification required.
oWorking knowledge of the Enterprise Mission Assurance Support Service (eMASS) and Risk Management Framework (RMF).
oMust have excellent communications skill (written and oral) and interpersonal skills.
oKnowledge and experience with DOD IA processes and policies (e.
g.
, CJCSM 6510.
01, Incident Response and other IA policies).
oActive TS/SCI clearance required.
Work EnvironmentWork will be performed in a cubical environment inside a large facility.
Some CONUS travel may be required depending on requests by the customer.
May be required to attend off site meetings.
Physical RequirementsSitting at desk.
Phone use and PC or laptop.
Filing required.
May require lifting and carrying boxes of supplies or files up to 25 lbs.
Extended periods of sitting while on PC/laptop or phone.
Equipment and MachinesGeneral office equipment, which includes:
telephone, fax machine, copier, PC/laptop, and other miscellaneous office equipment.
Knowledge of Microsoft Office Suite is required.
AttendanceRegular attendance in accordance with established work schedule is mandatory.
Work assignments dependent on requirements by the client.
It is important to be able to work at least 8 hours a day for 5 days per week (Monday through Friday).
Other Essential FunctionsMust put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.
Must be well organized with the ability to coordinate and prioritize multiple tasks simultaneously.
Must be able to communicate effectively, both verbally and in writing.
Must be able to interface effectively with individuals at all levels of the organization.
Grooming and dress usually business casual, but dependent on client's standards.
Must not pose a safety hazard to employees working in the same general area.
The position for which you are interviewing requires a US government security clearance.
This is to advise you, that should you be extended an offer, if you possess a dual citizenship (i.
e.
, citizen of the US and another country), in order to be granted a clearance you will be required to relinquish your citizenship.
Recommended Skills Audio Equipments Communication Computer Security Coordinating Databases Fax Estimated Salary: $20 to $28 per hour based on qualifications.
Advises and assists the customer with Risk Management Framework (RMF) and develops a Plan of Action and Milestones for resolving network deficiencies in accordance with DODI 8510.
01.
The duties of this task include assessing network compliance against controls listed in DODI 8500.
2 and creating A&A packages.
The end goal is to ensure the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities.
General duties include:
oAnalyze, evaluate, and build an accreditation roadmap for new SIE networks and systems.
oDevelop and maintain supporting documentation for new networks, systems, and technologies as they are introduced into the SIE.
oDevelop and review the A&A of SIE networks, systems, services, devices, hardware, and software using the DoD & IC RMF to obtain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC).
oProvide DoD & IC RMF subject matter expertise to USSOCOM, its Component Commands, TSOCs, deployed forces and their delegates, including other Contractors, and assist with the development and execution of the RMF program at USSOCOM, its Component Commands, TSOCs, and deployed forces.
oMaintain, track, and validate DISN and DIA connection approval packages, including those from USSOCOM, its Component Commands, TSOCs, and other subordinate organizations.
oPerform risk and vulnerability assessments of IT and IS for accreditation; prepare risk assessment reports for submission to the Security Controls Assessor/Certification Authority (SCA/CA) and Authorizing Official/Designated Accrediting Authority (AO/DAA) in accordance with DoD, DIA, USCYBERCOM, USSOCOM, Component Command, TSOC, and deployed forces' policies, procedures, and regulations.
oAssist USSOCOM, its Component Commands, TSOCs and deployed forces with the enforcement of A&A, as well as DoD, DIA, USSOCOM, Component Command, TSOC, and deployed forces' connection standards for networks and systems.
oTrack and maintain A&A databases, web sites and tools to ensure that networks, systems and devices are properly documented and managed from a security perspective.
oEnsure timely notifications are made to responsible individuals and organizations in order to prevent lapses in accreditations (e.
g.
, 30, 60, and 90 day notices).
oDevelop and maintain an Information Security Continuous Monitoring (ISCM) Plan.
This plan shall address ongoing awareness of information security, vulnerabilities, security controls, and threats to support organizational risk management decisions.
oCoordinate with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to support the resolution of issues with security, A&A, connection approvals, and waiver requests.
oPerform network security authorization, as well as the application and execution of policy, including project management support services.
Advise USSOCOM, its Component Commands, TSOCs, and deployed forces on network and system risks, risk mitigation courses of action, and operationalAdditionally, the Information Assurance Security Specialist should be able to perform security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool.
The Information Assurance Security Specialist will liaison with network and system administrators to correct identified deficiencies.
The Information Assurance Security Specialist will also scan (or review scans) for new systems and applications being introduced into the SOF environment, identify issues, and draft certification letters for the government.
The contractor will liaison with the Site Integration Facility (SIF) to ensure systems and application meet the standards in the DISA Security Technical Implementation Guides (STIG).
Minimum Education/Experience Requirements:
oBachelor's Degree in computer or systems science discipline and eight (8) years of progressive, relevant experience or equivalent combination of education and experience.
oExperience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.
oDOD Information Assurance Manager (IAM) Level 2 certification required.
oWorking knowledge of the Enterprise Mission Assurance Support Service (eMASS) and Risk Management Framework (RMF).
oMust have excellent communications skill (written and oral) and interpersonal skills.
oKnowledge and experience with DOD IA processes and policies (e.
g.
, CJCSM 6510.
01, Incident Response and other IA policies).
oActive TS/SCI clearance required.
Work EnvironmentWork will be performed in a cubical environment inside a large facility.
Some CONUS travel may be required depending on requests by the customer.
May be required to attend off site meetings.
Physical RequirementsSitting at desk.
Phone use and PC or laptop.
Filing required.
May require lifting and carrying boxes of supplies or files up to 25 lbs.
Extended periods of sitting while on PC/laptop or phone.
Equipment and MachinesGeneral office equipment, which includes:
telephone, fax machine, copier, PC/laptop, and other miscellaneous office equipment.
Knowledge of Microsoft Office Suite is required.
AttendanceRegular attendance in accordance with established work schedule is mandatory.
Work assignments dependent on requirements by the client.
It is important to be able to work at least 8 hours a day for 5 days per week (Monday through Friday).
Other Essential FunctionsMust put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.
Must be well organized with the ability to coordinate and prioritize multiple tasks simultaneously.
Must be able to communicate effectively, both verbally and in writing.
Must be able to interface effectively with individuals at all levels of the organization.
Grooming and dress usually business casual, but dependent on client's standards.
Must not pose a safety hazard to employees working in the same general area.
The position for which you are interviewing requires a US government security clearance.
This is to advise you, that should you be extended an offer, if you possess a dual citizenship (i.
e.
, citizen of the US and another country), in order to be granted a clearance you will be required to relinquish your citizenship.
Recommended Skills Audio Equipments Communication Computer Security Coordinating Databases Fax Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
