Information Assurance Officer

Location
Alexandria, Virginia
Posted
Apr 27, 2021
Closes
Jun 01, 2021
Ref
16289
Function
Administrative
Hours
Full Time
Summary

The Information Assurance Officer will provide expert consultation with the securing of computer and network communications systems.

Responsibilities
  • Provide IA support to the networks.
  • Perform system administration functions as necessary with Windows Operating Systems (Windows Server 2003 - 2012).
  • Perform scans and provide security posture reporting as well as vulnerability remediation and analysis.
  • Develop and assess security documentation using C&A process documents as guides (AR 25-2, AR 380-5, DoD 8500.2, DoD 8510.01, DCID 6/3, NIST 800-37, 800-53).
  • Review and analyze audit logs for potential security incidents on a periodic basis.
  • Develop audit reports and alerts using an audit collection tool.
  • Apply STIG documentation to deployed and development systems.
  • Ensure implementation of IAVM dissemination, reporting, and compliance procedures.
  • Ensure all users meet the requisite favorable security investigations, clearances, authorization, need-to-know, and security responsibilities before granting access to the IS.
  • Ensure log files and audits are maintained and reviewed for all systems and that authentication (for example, password) policies are audited for compliance.
  • Prepare, distribute, and maintain plans, instructions, and SOPs concerning system security.
  • Maintain and document CM for IS software (including IS warning banners) and hardware.
  • Ensure system recovery processes are monitored and that security features and procedures are properly restored.
  • Maintain current software licenses and ensure security related documentation is current and accessible to properly authorized individuals.
  • Support and assist tenant IAMs or the installation IAM if no tenant IAM exist.
  • Report security violations and incidents to the servicing RCERT in accordance with Section VIII Incident and Intrusion Reporting.
  • Other duties as assigned

Qualifications
  • High school diploma or GED required.
  • 3+ years of direct, hands-on experience in the performance of Information Assurance support
  • Experience to include analysis, design, and implementation of security procedures of hardware and software on complex, large-scale systems in an enterprise environment
  • DoD 8570 IAM I certified
  • TS/SCI required

Knowledge, Skills and Abilities
  • Bachelor's degree prefered in an IT related field is also preferred.
  • CISSP, CAP, CISA, and CCNA security are preferred, but not required
  • Knowledge of the RMF accreditation process used by the Army and DoD
  • Knowledge of the process of the Risk Management Framework Analysis and Accreditation A&A and how to perform these capabilities
  • Knowledge of how to perform and complete the RMF STEPS 1-6 processes and knowledge of who is responsible for completing the tasking in these RMF Steps 1-6
  • Knowledge of Amazon Web Services (AWS) Cloud and the accreditation process
  • Knowledge of the duties and responsibilities of an Information System Security Officer (ISSO)
  • Knowledge of how to perform an Annual Security Review (ASR) for the systems yearly process
  • Have knowledge of the NIST Publications that relates to performing the RMF accreditation process
  • Knowledge of eMASS Database and it's functionalities
  • Knowledge of STIGs/Checklist and how to review in STIG Viewer
  • Know how to create and update the system's Plan of Action and Milestones (POAMs)
  • Knowledge of writing documentations and requirements for the RMF accreditation process
  • Knowledge and experience with current DOD and Army IA policies and procedures, RMF certification and accreditation procedures and requirements, APMS reporting procedures, and an understanding of the unique acquisition community IA issues
  • Working knowledge and access to the Army Portfolio Management System (APMS) and the ability to lead and oversee the Program Protection Planning (PPP) and Security Classification Guide development and production for developmental and production systems
  • Knowledge and experience in the security sub-disciplines supporting Army IA, certification and accreditation, IA security testing and security management for both developmental and production systems, including but are not limited to Communications Security, Physical Security, OPSEC, Risk Assessments, Personnel Security, Tempest, Network Security, Security Inspections and User Training 
  • Must have advanced working knowledge of a variety of computer software applications in word processing, spreadsheets, database (MS Word, Excel, Access, PowerPoint), and Outlook
  • Familiarity with Army and DoD regulations concerning IA implementation
  • Ability to work well independently and as part of a team

#Chenega Decision Sciences, LLC

Similar jobs