Information Assurance (IA) engineer shall provide support in the deployment of an enterprise-level data analytics and collaboration system for a DoD customer. Candidate will have the option to work from Anacostia, Washington D.C. or Herndon, VA.
- Lead the effort to achieve certification and accreditation (C&A) and authority to operate (ATO) of systems on government networks.
- Generate and maintain system C&A documentation, including Security Plan, Risk Management Matrix (RMM), Plan of Action and Milestones (POA&M), System Requirements Traceability Matrix (SRTM), and Certification Test Plan, in accordance with ICD 503, as well as all associated schedules.
- Collaborate on IA activities with government SSO and ISSO and the customer to ensure incorporation of IA requirements and all plans, schedules and tasks necessary to achieve C&A and ATO on target networks.
- Lead efforts to ensure secure architecture and programming solutions for modifications of existing systems and for new system deployments.
- Assist with the implementation of security and Information Assurance (IA) objectives for new and existing components by providing systems security engineering support to projects.
- Work with C&A authorities within the customer and the IC to ensure IA measures are taken to meet mission objectives and applicable security policies and directives.
- Analyze and implement security controls that are applicable dependent on the type of system in order to develop and execute certification test plans.
- Conduct reviews of assessment artifacts (Certification Test Plans, System Security Plans, Security Requirements Traceability Matrix, etc.).
- Implement and maintain online technical information libraries, perform the configuration management role and maintain the baseline repository for the respective C&A projects.
- Implement and apply knowledge of configuration management and integration testing for the Government’s C&A process.
- Identify IA risks and vulnerabilities, provide security engineering recommendations, and plan and oversee the implementation of system security engineering approaches that use repeatable engineering processes for built-in security measures in development engineering activities.
- Provide support to systems integration activities: derive system security requirements or provide security requirements evaluations; review system security design; prepare security test plans and procedures; and participate in certification testing.
- Research tools and technologies with respect to whether they are on lists of certified tools and technologies for target networks.
- Apply experience with federal and national Cybersecurity policies, IA standard security principles, standards and industry best practices.
- Perform other tasks as assigned.
- Must possess an active TS clearance.
- Minimum five years’ solid IA experience with a Bachelor’s degree combined with a security-related certification.
- Knowledge of ICD 503 and industry/government IA best practices supporting information assurance C&A and management.
- Experience leading an enterprise-level system to C&A and ATO on a classified network.
- Experience generating and maintaining system C&A documentation, including Security Plan, Risk Management Matrix (RMM), POA&M, System Requirements Traceability Matrix (SRTM), Certification Test Plan and all associated schedules.
- C&A experience supporting systems engineering and integration efforts for DoD, other Government Agencies or commercial programs or projects.
- Experience in organizing and maintaining online technical information libraries, performing the configuration management role and maintaining the baseline repository for the respective C&A projects.
- CISSP (or Associate), CAP, CASP+CE, CISM, GSLC, or CCISO required.
- Experience writing and delivering technical documents and briefings.
- Excellent verbal, written, and organizational skills.
- Motivated self-starter and a team-player.
- BS or MS in Information Assurance Engineering, Computer Science, or related IT field with seven years’ experience.
- Experience with U.S. DoD Intelligence Community desired.
- RMF expertise.