Information Assurance Engineer
Job DescriptionInformation Assurance Engineer with a primary focus is on Information Assurance and Privacy/Privacy Impact Assessment (PIA).Certifications: CISSP (desired but not required) CAP (must have within 90 days of start)Must haves: Good people skills Good technical writing skills Strong team player IT Security Experience Privacy/ Privacy Impact Assessment (PIA) Experience Bachelors degree Active Secret of higher clearanceTechnical Skills: Knowledge of Microsoft products (Word, Visio, Project), firewalls, switches, SANs, networking structures, databases, IIS, SDLC, etc. Remedy experience is desired Ability to learn new automated tools.Description: The Information Assurance Engineer is responsible for certification and accreditation (C&A) activities for CA's automated information systems (AIS) and provides C&A support for domestic and overseas deployed systems, as well as assist and advise system and application developers in the design and development of secure systems architecture in accordance with National Institute of Standards and Technology (NIST) 800 series and Department Foreign Affairs Manual (FAM) guidelines. The Information Assurance Engineer organizes technical working groups and interviews the developers to gather required information (system description, network diagram, data flow, data shared, hardware/software table, points of contact, etc.) to support new system authorization. He/she analyzes production system configuration change requests (CCR) of existing systems to determine security impact and initiates required actions to maintain security posture and accreditation status. The Information Assurance Engineer develops and updates the following application documentation within the Consular Affairs Certification and Accreditation Management System (CACAMS) - a Comply Vision COTS product:o System Security Plan (SSP) and supporting documents and appendices,o Memo Request for Authorization Activities;o Security Categorization Form (SCF);o E-Authentication Form (eRA);o Registration of System in Information Technology Applications Base (ITAB);o Privacy Impact Statements (PIA);o Contingency Plan (CP);o Contingency Plan Test;o Business Impact Analysis (BIA);o Developing any other appropriate certification documents such as manuals, guidelines and briefings The Information Assurance Engineer also coordinates the remediation of Plan of Action and Milestones (POA&M) findings with various groups (including government and operations).