Information Assurance (IA) Expert Job in Washington, District Of Columbia Us

PSI Technology PSI Health SciencePSI Social ServicesPSI - MedDRA Training Software, MedDRA Coding, MedDRA Data Conversion, MedDRA Training, MedDRA CBT, WHO Drug Services

 

About Us:

 

PSI INTERNATIONAL, Inc. is a leading IT services company that provides a unique blend of health science, social services, and technology support services to federal, state, and local government agencies, as well as select commercial markets.  

 

.

 

Job Title:  Information Assurance (IA) Expert

PSI is looking for an Information Assurance Expert in the DC Metro Area. If interested in discussing this position, send resume and cover letter to bpetek@psiint.com

Job Overview:

General responsibilities include technical support, managing risks related to the use, processing, storage, and transmission of information and processes used for those purposes. While focused dominantly on information in digital form, the job includes not only digital but also analog or physical form. Information assurance includes the practice of information security and computer security.

The IA Expert develops an enumeration and classification of the information assets to be protected and perform a risk assessment considering the factors such as the probability and impact of the undesired events subdivided into threats and vulnerabilities and measures the impact in terms of cost thus evaluating the total risk.

Based on the risk assessment, the IA Expert will develop a risk management plan that will feed into the project management plan. The plan will propose countermeasures that involve mitigating, eliminating, accepting, or transferring the risks, and considers prevention, detection, and response. A framework, such as Risk IT, CobiT, PCI DSS, ISO 17799 or ISO/IEC 27001, may be utilized in designing this plan. Countermeasures may include tools such as firewalls and anti-virus software, policies and procedures such as regular backups and configuration hardening, training such as security awareness education,

General responsibilities also include technical support, software testing  and computer forensics work. Specifically, the successful candidate will spend approximately 50% of their time providing IT support and the remainder of their time on conducting testing as well as time working on actual cases. The candidate should be prepared to work in varying environments, with occasional domestic and possibly international travel (10%-15%).

 

The candidate will be a Senior IT support engineer being able to lead technical support professionals, with a broad background in solving IT issues. The candidate must be an experienced problem solver who can work well independently as well as within a team. The candidate should possess good knowledge and experience in networking, Windows desktop/server administration, MS Exchange and Active Directory in a multi-server environment.

 

The candidate will serve as the principle technical advisor and subject matter expert for cyber security engineering services; an expert in the development, direction, and implementation of security in enterprise capabilities to prevent sophisticated cyber threats and vulnerabilities, or detect when prevention fails; understand the fundamentals of layered defense technologies and processes; understand the lifecycle of the network threats, attack vectors and methods of exploitation.

 

The candidate shall be an integral part of a diverse team that leads the world in Mission, Cyber, and Technology Solutions. Candidate will help protect security while working on innovative projects that offer opportunities for advancement.

In providing the basic responsibilities the IA Expert: determines enterprise information assurance standards; develop, implement, provide guidance, and enforce security policies and procedures; ensure approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output; recommends information assurance solutions to support customers’ requirements; establishes and satisfies information assurance requirements based upon the analysis of user, policy, regulatory and resource demands; applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems; perform oversight of the development, implementation and evaluation of information assurance security policy, perform analysis of network security, based upon the certification and accreditation process; advise customer on IT certification and accreditation issues; as a certifier, participate and engage in IA and system security working groups; perform risk assessments and make recommendations to customers; support government program managers on security testing methodologies and processes; evaluate certification documentation and provide written recommendations for accreditation to the client; conduct  periodic system security reviews to accommodate changes to policy or technology; Evaluate IT threats and vulnerabilities to determine whether additional safeguards are needed; when applicable, validate IA controls by ensuring certification tests are accomplished for each information system; conduct software and hardware IA assessments and provide risk recommendation for implementation while ensuring proper configuration management; conduct certification tests that include verification that the features and assurances required for each system boundary protection level and/or trusted application functionality; maintain a repository for all system certification/accreditation documentation and modifications; coordinate security inspections, tests, and reviews, as required; review System Security Policies to ensure system functionality of IA controls comply with Standards; develop policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents; support accreditation issues by developing solution oriented IA management plans and recommendations to the client; ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system.

Key Functions: Architect network protections against advanced threats to networks, systems, and data. Contribute to program management, strategic direction, and system architectures for the Enterprise. Develop specific mitigations to protect against advanced attackers. Engage with technical experts from the Intelligence Community, and Industry to identify and solve complex system vulnerabilities.

Occasional travel required in support of the IA meetings and Team Reviews (about 10-15%) Outstanding analytic and problem solving skills

Required Education/Experience:

M.S. in Computer Science, Electrical Engineering, Systems Engineering, or a related technical field plus 5 years experience performing systems security engineering, B.S. and 7 years of related experience, IA certification, such as CISSP, is highly desired.

Required Skills: Must have a working knowledge – of software systems security standards, knowledge of IA (development, process, policies procedures, etc.) a minimum of 5 years experience is desired in Information Systems Security with an emphasis on Certification and Accreditation (CA) and/or Security policy development; experience in developing and staffing management reports and accreditation documentation. Effective communication (oral and written) and organizational skill is required. Strong data analysis skills. Current experience with large enterprise information systems and network security architectures. Hands-on experience assessing and using tools and technologies designed to counter the advanced cyber threat. Can clearly communicate technical solutions to senior, perhaps non-technical, leaders. Strong project management and strategic analysis skills. Excellent written and verbal skills. 

Send resume and cover to bpetek@psiint.com