Information Assurance Security Specialist

Job Description:

Requires skills to assess, plan, and enact security measures to help protect an organization from security breaches and attacks on its computer networks and systems. Be able to identify vulnerabilities, interpret the test results of commonly used software to help protect the organization’s data, and help users adhere to new regulations and processes to ensure the network stays safe. Work as an intricate part of an IT department for various organizations. Capacity to use critical thinking with excellent attention to details to find new ways to resolve issues. Possess the ingenuity to find new ways to improve current systems and networks within the organization. The CSA is to provide technical analysis for IA/CS support and integration efforts. The CSA will perform in-depth analysis in various areas and technologies for RMF Assessment and Authorization (A&A)

• Reviews, updates, validates and authors Cybersecurity procedures (SOPs) as required.
• Reviews and maintains an inventory of authorized software.
• Reviews and maintains an inventory authorized external (USB) devices and media.
• Audits and validates configurations deployed on laptops, workstations, and servers.
• Audits and validates configurations of network devices based on DISA STIGs.
• Provides monitoring, and analysis of laptop, workstation, server and network audit logs.
• Ensures AV is properly deployed, and current signatures are implemented across the laptops, workstations and servers.
• Monitors, reviews and reports on data restoration capabilities.
• Familiar with HBSS and ACAS from a compliance and reporting perspective.
• VRAM management on unclassified and classified networks (two security domains)
• Basic system knowledge including ability to upload scan data.
• Reports compliance for Cyber directives including IAVs, TASKORDs, FRAGORDs, etc.
• Create, implement and maintain system baselines.
• Conduct technical security test and evaluations of unclassified networks and/or systems to determine compliance with appropriate information assurance (IA) or cyber security controls and risk mitigation strategy.
• Provide detailed risk mitigation recommendations; conduct risk and vulnerability assessment of IT systems; conduct appropriate network scans utilizing ACAS and coordinate patching as required to gain/maintain accreditation.
• Prepare Certification and Accreditation/Assessment and Authorization documentation packages in accordance with RMF.
• Knowledge of DIACAP/RMF/NESSUS /RETINA Knowledge of MS Visio

Required Skills and Experience:

• 10+ years of directly related experience in IT/IA Engineering OR Bachelor’s degree in related discipline with 8+ years of equivalent experience 
• Must meet the DoD 8570 standard for an IAM 3
• CISSP certification required
• Must be a U.S. citizen
• A Top secret security clearance 

Degree Requirements:

• Bachelor's degree and a minimum of 8 years of relevant experience. 
                                                   OR
                               10 years of experience.