Information Assurance Engineer Senior Job in Ft. Belvoir 22060, Virginia Us
Information Assurance Engineer Sr Staff
Tracking Code 187-190
Job Description
Provides security engineering designs and implementation in all aspects of Information Assurance and Information Security (InfoSec) Engineering. Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures; verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance.
PRINCIPAL RESPONSIBILITIES:This position supports the Protect Team of a Computer Network Defense Service Provider (CNDSP), supporting thousands of computing assets located in the US and foreign countries. The Protect Team's responsibilities include but are not limited to:
· Staying abreast of current cyber threats, as determined by government and industry sources, evaluating the threat(s) for relevancy to the subscriber and then advising the subscriber and CNDSP Detect Response Team of the vulnerabilities the threats present.
· Updating a Vulnerability Management System (VMS) of new cyber threats and system vulnerabilities.
· Participate in the advisory relationship between the CNDSP and its subscribers.
· Perform semi-annual audits of all subscriber computing assets via multiple, complimentary audit applications.
· Assist/observe in annual penetration testing of selected subscriber computing assets.
· Map weaknesses discovered during audits to DoD IA controls and update findings in VMS.
· Leverage skills and capabilities of Protect Team staff to benefit subscribers in defending against new and emerging threats.
· Participate in extending Protect Team capabilities to other govt agencies.
Required Education: Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education.
Required Skills: The successful candidate will have the following experience and skills:
· Must have at least one of the following active certifications to be considered: CISA or GSNA.
· Documented participation in a large, enterprise-wide Vulnerability Assessment Team of IA Auditors.
· Development of IA-related SOPs
· Development and participation in IA Audit training.
· Audit program development based upon DIACAP, FISCAM, and NIST.
· High-level report development.
· Experience in briefing Program Management, DAAs, and Government Leads.
· Mapping IA Audit findings to IA controls.
· Leveraging team skills to support new missions.
· Working knowledge of IA Policies listed in: DoD 8500.1, DoD 8500.2, NIST SP800-37, -53, -53a, FISCAM/ GAO Yellow Book.
· Direct experience in the following technologies: Active Directory, Retina, Gold Disk.
· Expert level knowledge of DISA SRRs and STIGs.
Desired Skills: The following skills, certifications and experience are desired:
· Windows Server 2000, 2003, 2008, XP, Vista
· FreeBSD
· Cisco Routers and switches
· Juniper Firewalls
· SQL 2000/ 2005
· Oracle
· IIS 6
· Q-Tip
· HBSS
Desired Certifications:
· CISM
· CISSP
· CEH
· CCNA
· JNCIA-FWV
· MCSE
Clearance Required: Top Secret required (Continued employment is predicated upon becoming TS/SCI cleared)
Required Experience: 14 years or more of professional experience; or 12 years of professional experience with a related Masters degree. Considered an expert, authority in discipline.
· Participate in highly disciplined, large IA teams supporting DoD programs.
· Former military experience a plus.
· Demonstrated success in team-building.
· Experience across multiple security domains.
Job Location Fort Belvoir, VA, US.
Position Type Full-Time/Regular
Apply at: https://hostedjobs.openhire.com/epostings/submit.cfm?fuseaction=app.jobinfojobid=187company_id=16190version=1source=ONLINEjobOwner=992288aid=1