Information Assurance/Security Engineer, Mid-Sr

JOB DESCRIPTION:

In this position you will support an Intelligence Community customer in the Wash/Metro area, ensuring compliance with the ISSO Roles and Responsibilities as laid out in agency directions, instructions, and memos. Job duties include:

• Perform tasks delegated by the ISSM in support of various information assurance programs such as security authorization activities in compliance with Risk Management Framework (RMF) policies and procedures including System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM)Proactively ensure the highest levels of systems availability.
• Maintain operational security posture to ensure information systems (IS), security policies, standards, and procedures are established and followed.
• Perform vulnerability/risk assessment analysis to support Assessment & Authorization (A&A).
• Review and analyze system audit logs to identify anomalous activity and potential threats to network resources.
• Conduct vulnerability scans and recognizing vulnerabilities in security systems.
• Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to acceptable security levels.
• Apply a full range of Cybersecurity policies, principles, and techniques to maintain the security integrity of information systems processing classified information.
• Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk.
• Work with government customers to support computer security incidents and vulnerability compliance.
• Input and maintain system documentation into government record-keeping systems Xacta.
• Provide Configuration Management for security-relevant information system software, hardware, and firmware.
• Perform risk analysis whenever an application or system undergoes a major change.
• Provide input to the Risk Management Framework process activities and related documentation.

QUALIFICATIONS:

• Must have the years' experience and certification(s) requirements specified below.
• Understanding of FISMA, NIST, and Office of Management and Budget (OMB) Federal Information System requirements
• Advanced written and verbal communication skills

REQUIRED EXPERIENCE:

• Minimum of 5 years' experience as an IA/Security Specialist and OMB Information Security directives/policy compliance.
• Minimum of 5 years direct experience and in-depth working knowledge of FISMA and NIST Information Security guides.
• Must hold active Security+, CISSP, CISA, or equivalent certifications (DoD 8570 IAM 2 equivalent)

PREFERRED:

• Experience with effective policy, instruction, and development for Federal or DoD Information Security Programs.
• Experience with performing Security Control Assessment in compliance with NIST SP 800- 37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guide series.
• Experience with risk analysis and assessment determinations incorporating system/mission owner, and unique operational constraints.
• CSAM tool experience is preferred.
• Understanding of FISCAM compliance.
• Experience with Amazon Web Services (AWS).
• Experience with Xacta.

EDUCATION:

• Bachelors in a technical (STEM) field of study with 8+ years of relevant experience
  • Additional experience may be considered in lieu of degree

CERTIFICATION(S):

• Security+, CISSP, CISA, or equivalent certifications (DoD 8570 IAM 2 equivalent

ATD Technology, LLC is a certified minority woman owned business that creates opportunities to match qualified individuals with client programs while meeting all parties' financial and technical goals. ATD is a full service provider with offerings in Contract, Permanent and Temp-to-Perm staffing solutions. We serve Fortune 1000, mid cap and small cap companies in the Commercial, Public and Government sectors.