Junior Information Assurance Security Specialist

Junior Information Assurance Security Specialist

Vacancy expired!

FEDITC, LLC is a fast-growing business supporting DoD and other intelligence agencies worldwide. FEDITC develops mission critical national security systems throughout the world directly supporting the Warfighter, DoD Leadership, & the country. We are proud & honored to provide these services.

Overview of position:
FEDITC is seeking a Junior Information Assurance Security Specialist. The duties of this task include assessing network compliance against controls listed in NIST 800-53 and CNSI 1253 and creating authorization packages. Additionally, the Information Assurance Security Specialist, Junior, should be able to perform security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool. The Information Assurance Security Specialist, Junior will liaison with network and system administrators to correct identified deficiencies. The Information Assurance Security Specialist, Junior, will also scan (or review scans) for new systems and applications being introduced into the SOF environment, identify issues, and draft certification letters for the government. The contractor will liaison with the Site Integration Facility (SIF) to ensure systems and application meet the standards in the DISA Security Technical Implementation Guides (STIG).

Responsibilities:

• Analyze, evaluate, and build an authorization roadmap for new SIE networks and systems.
• Develop and maintain supporting documentation for new networks, information systems, and technologies as they are introduced into the SIE.
• Develop and review the security posture of SIE networks, systems, services, devices, hardware, and major applications using the DoD & IC RMF to obtain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC).
• Maintain, track, and validate DISN and DIA connection approval packages, including those from USSOCOM, its Component Commands, TSOCs, and other subordinate organizations.
• Perform risk and vulnerability assessments of IT and IS for authorization; prepare risk assessment reports for submission to the Security Controls Assessor SCA) and Authorizing Official/Designated Accrediting Authority (AO/DAA) in accordance with DoD, DIA, USCYBERCOM, USSOCOM, Component Command, TSOC, and deployed forces policies, procedures, and regulations.
• Assist USSOCOM, its Component Commands and deployed forces with the enforcement of A&A, as well as DoD, DIA, USSOCOM, Component Command, TSOC, and deployed forces connection standards for networks and systems.
• Ensure timely notifications are made to responsible individuals and organizations in order to prevent lapses in accreditations (e.g., 30, 60, and 90 day notices) and POA&Ms.
• Develop and maintain an Information Security Continuous Monitoring (ISCM) Plan. This plan shall address ongoing compliance and awareness of cybersecurity vulnerabilities, security controls, and threats to support organizational risk management decisions.
• Coordinate with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to support the resolution of issues with security, A&A, connection approvals, and waiver requests.
• Perform network security authorization, as well as the application and execution of policy, including project management support services.
• Validate the patching of systems, perform validation scanning, develop Plans of Action & Milestone (POA&Ms), and report as directed by applicable policies, procedures, and regulations.
• Track and report to higher headquarters organizations (e.g., USCYBERCOM, DIA) compliance with applicable Cybersecurity regulations and directives.
• Provide subject matter expertise for COA development and the implementation of Cybersecurity mitigation strategies.
• Develop and implement required processes, procedures, and capabilities to mitigate vulnerabilities and weaknesses for software and hardware deployment.
• Evaluate Commercial off the Shelf Software, Government off The Shelf Software and Open Source Software for cybersecurity compliance and provide software certification recommendations to the SCA.

Experience/Skills:

• Three (3) years of progressive, relevant experience
• Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.
• Working knowledge of the Risk Management Framework (RMF).
• Knowledge of the Telos Xacta or eMASS system is desired.
• Must have excellent communications skill (written and oral) and interpersonal skills.
• Knowledge and experience with DOD IA processes and policies (e.g., CJCSM 6510.01, Incident Response and other IA policies).

Education:

• Bachelors Degree in computer or systems science discipline. Significant relevant experience will be considered in lieu of formal education.

Certifications:

• DOD Information Assurance Technical (IAT) Level II OR
• Information Assurance Management (IAM) (A&A) Level I

Clearance:

• Active TS/SCI Clearance is required.
• Must be a US Citizen and pass a background check.
• Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FEDITC and/or required by FEDITCS Client(s)/Customer(s)/Prime contractor(s).

FEDITC, LLC. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. FEDITC, LLC. complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities