Cybersecurity/ Information Assurance Engineer(Cloud/ SaaS)

Description

Position: Cybersecurity/ Information Assurance Engineer(Cloud/ SaaS)

Location: Remote (Base location: Fort Gregg Adams, VA)

Clearance: Active Secret (preferred) / Eligible to obtain 

Client: The Defense Commissary Agency (DeCA OF)

Certifications: IAT III - CISSP or equivalent 

Provides the leadership as an ISSO, management, and supervisory IA skills identified in DoD Directive 8570.01-M.  These skills and their associated duties may include the following:

Intrusion:

• Ensures the rigorous application of IA policies, principles, and practices in the delivery of all information technology (IT) and IA services. 

• Leads and directs team personnel too quickly, efficiently and effectively to solve complex IA problems. Identifies IA requirements as part of the IT acquisition development process and assists in the formulation of IA /IT budgets. 

• Supervises the assessment and implementation of identified computer and network environment fixes such as system patches and fixes associated with specific technical vulnerabilities as part of the Information Assurance Vulnerability Management program. 

• Guides the implementation of appropriate operational structures and processes to ensure an effective IA security program including boundary defense, incident detection and response. 

• Evaluates functional operation and performance in light of test results and make recommendations regarding C&A. 

• Monitors and evaluates the effectiveness of IA security procedures and safeguards.  Evaluates security violations to determine necessary initial and long-term corrective action.

• Assesses impact, determines probably damage and suggest methods of damage control, conducts computer forensics, and follow-on analysis to build historical and predictive capabilities for IA incidents.

• Designs perimeter defense systems including intrusion detection systems, firewalls, grid sensors, etc., enhances rule sets to detect or block sources of malicious traffic, and establishes a protective net of layered defenses to prevent, detect, and eradicate threats.

Specialist: 

• Ensures that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with DoD Component level IA architecture. 

• Has a working knowledge of DoD provided IA tools such as eMASS.

• Develops IA related customer support policies, procedures, and standards. 

• Working knowledge of policy, guidance and evaluation criteria of the DoD Critical Infrastructure Program to include  FedRAMP.

• Prepares and/or oversees the preparation of IA certification and accreditation documentation. Analyzes, develops, evaluates, and integrates IA policies.  Assists in the gathering and preservation of evidence used in the prosecution of computer crimes.  

• Identifies the IT security program implications of new technologies or technology upgrades.  Conducts IA cost benefit, economic and risk analysis in the IT acquisition decision making process.  Interprets security requirements relative to the capabilities of new information technologies.  Interprets patterns of noncompliance to determine their impacts on levels of risk and/or overall effectiveness of IA programs. 

• Analyzes identified security strategies and recommends the best approaches and/or practices.  Monitors and evaluates the effectiveness of IA security procedures and safeguards to ensure they provide the intended level of protection. 

Requirements

Certifications: IAT III - CISSP or equivalent  

Skills: eMASS, FedRAMP