Information Assurance Analyst (entry-level)

Location
Alexandria, Virginia
Posted
Jun 22, 2017
Closes
Aug 31, 2017
Function
Analyst, IT, QA Engineer
Hours
Full Time

Overview

The Security Operations team at the Institute for Defense Analyses is actively recruiting for an entry-level Information Assurance Analyst.  The Information Assurance Analyst is responsible for ensuring security compliance of classified and unclassified Department of Defense (DoD) computer systems.  The primary functions of this position will include: conducting computer system audits for unauthorized activity, facilitating security briefings for classified user accounts, conducting system checks to ensure each computer is configured correctly before deploying to end-users and responding to classified security incidents and investigating and reporting security violations and incidents as appropriate.

It is important to note this is not a technical position; understanding the technical configurations of Windows and other operating systems is desirable, but not required.  This is the perfect opportunity to break into a Security Information Assurance or Risk Management career.

Responsibilities

  1. Assists with developing, reviewing, maintaining and overseeing information systems security plans (SSPs) and Assessment/Authorizations in accordance with DoD mandated polices.
  2. Performs manual and system level audit reviews of systems to track multiple events including any signs of inappropriate or unusual activity, data transfers, etc.  Reports any findings to the Information Systems Security Manager (ISSM).
  3. Performs recurring self-assessments on all systems under their purview to ensure compliance with documented security requirements and to detect any system level vulnerabilities. 
  4. Performs the steps involved in the execution of the Risk Management Framework (RMF), including generation of documentation, controls compliance testing, and continuous monitoring activities for stand-alone systems.
  5. Works with IT to assist the ISSM in performing an initial system assessment to ensure that required security controls are implemented and operating correctly before a system is authorized for production.
  6. Participates in inspections and incident response.
  7. Performs other duties as assigned.

Qualifications

  • U.S. Citizenship is required.
  • Bachelor’s degree in a Business, IT or Security related field; OR, its equivalent experience of two years of similar information assurance or functional IT experience.
  • Experience in a similar compliance, systems security role or experience in IT is preferred.
  • Candidate must have the following Information Assurance certifications or security training; OR must be able to obtain the certificates within 6 months of hire:
  • DSS NISPOM  Risk Management Framework Courses
  • DOD 8570.01-M certification at IAT level 2, such as Security +
    • Understanding the technical configurations of Windows and other operating systems is desirable.
    • Understand Windows and Linux event logs is desirable.
    • Knowledge of compliance checking tools preferred.
    • Customer service skills, including good interpersonal skills and the ability to communicate effectively with all levels of employees.       
    • Candidates selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.