This position is located in our MD, Patuxent River facility
This position is for a C&A analyst/ INFOSEC Engineer performing the functions of the Information Assurance Manager (IAM). The successful candidate will be responsible for creating DIACAP packages and providing guidance with respect to the development of C&A documentation. The candidate will be required to stay current on DoD and DoN policy related to acquisition, IA and Computer Network Defense.
Tasking may include:
• Create, review and assist with the development of appropriate documentation required for C&A, Clinger Cohen Act activities and FISMA reporting.
• Provide recommendations to the system owners/Program Managers regarding how to maintain the accredited security posture of the system in accordance with DoD/Navy policy. Prepare and sustain Information System security certification and accreditation support documentation .
• Review and develop risk mitigation strategies. Test, validate and document compliance with IA controls for acquisition programs. Provide IA engineering support with respect to evaluating technical risks and reviewing C&A documentation for major acquisition programs.
• Process and maintain compliance relating to DIACAP packages and other IA-related tools.
• Provide technical capability to identify security-related solutions to both current and planned systems and networks to include the non-NMCI Research, Development, Test and Evaluation classified and unclassified networks.
• Conduct and comprehend vulnerability scans and assist system administrators with developing mitigation strategies.
• Attend collaboration meetings and review and comment on program security policies and procedures; coordinate security implementation issues with the appropriate Government officials and/or prime contractors; and support security testing.
Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
8-10 years of related experience in data security administration.
Any skill level or experience in the following:
• Managing and leading efforts in the review, application, and maintenance of IA policies and C&A procedures for operational/Programs of Record (POR) acquisition programs.
• Performing Information Assurance/security analyses and risk/vulnerability assessments along with evaluating IA technologies and secure solutions for applications, systems, and platform interconnections/interfaces.
• Hands-on experience with the DoD IA Certification and Accreditation Process (DIACAP).
• Knowledge of the System Engineering Technical Review (SETR) processes and IA in support of Acquisition Programs.
• Experience in the use of Gold Disk, Retina and DoD mandated Security Technical Implementation Guides (STIGs), NSA Guides, Security Checklists and Security Readiness Review (SRR) Scripts. He/She should be able to analyze and review the results of network and system vulnerability scans and be able to test and validate IA controls per the DIACAP Knowledge Service.
• Understanding of DoD and Navy Firewall Policy and requirements (PPS CAL, UTNPp, CTNPp, etc)
• Working knowledge of NAVAIR IA program and processes and Navy Platform IT.
• A team player who is able to formally train/brief program managers, project leads, application managers, system administrators and IA Officers on Information Assurance, Certification and Accreditation and methods for securing their systems and networks.
8570 Requirements: Candidate must currently hold an approved DoD 8570 compliant IA certification at the IAM II level (or achievable within six months of employment).Click Here to Apply