Info Assurance Spec II

IT

Chantilly, VA, US

Pay Rate Low: 28 | Pay Rate High: 29

• Added - 28/08/2024

Apply for Job

Join our client, a leader in applying technology and sciences, as they seek an Information Assurance Specialist to join their growing team!

Pay: $35-50/hr

Location: Chantilly, VA

Job Type: Contract

Candidates must be a US Citizen, and have active Top Secret Clearance.

Key Responsibilities:

• Design, build, configure, implement, and maintain IT network systems equipment and technologies.

• Provide Windows and Linux OS systems administration, cybersecurity (information assurance) support for various classified systems, including local regional office support.

• Configure and maintain information systems in compliance with security policies and standards.

• Initiate and follow through to completion, Risk Management Framework (RMF) packages for enterprise architectures in accordance with NISPOM/DAAPM, ICD 503/CNSSI 1253, JSIG, NIST 800-53 and NIST 800-171 requirements.

• Create and maintain Assessment and Authorization (A&A) packages, System Security Plans (SSPs), Risk Assessment Reports (RARs), Security Controls Traceability Matrices (SCTMs) and Plans of Action & Milestones (POA&Ms) for all classified systems.

• Conduct analysis and assessment of the security control assessment guidance, procedures, and templates to ensure correct and uniform implementation of the new RMF assessment processes.

• Identify, contain, investigate, and report data spills to the Government Security ISSM through preliminary written reports. Coordinate containment and device sanitization with staff at the affected locations. Work with the FSO/ISSO for assessment/mitigation strategy addressing the data spill in the approved response plan.

• Provide technical oversight for classified system compliance and conduct self-assessments.

• Interface directly with Defense Counterintelligence and Security Agency (DCSA) and other systems sponsoring clients to conduct security inspections, tests, and system review.

• Review of commercial security patches, and reports of cyber-attacks, and analyze them for applicability along with CTO, Information Vulnerability Alerts (IAVA) and other cybersecurity directives within the time specified by the issuing authority (e.g., U.S. CYBER COMMAND) and analyze them for applicability to and effect on the systems supporting DoD contracts.

• Support cybersecurity testing of client-based systems under test lead supervision.

Education/Experience:

• Bachelor’s degree (BS/BA) and/or 5 years of relevant experience as an IT systems administrator.

• Possess strong demonstrated knowledge of Windows Server and Microsoft operating systems installation and configuration required.

• Possessed strong demonstrated strong knowledge of Linux systems administration and configuration.

• Experience with network systems administration, Active Directory, and GPO management is required.

• Experience with PowerShell, Python, Shell Scripting, and /or other scripting languages.

• Experience with switch, router, wireless access points, USB, and firewall configuration is required.

• Knowledge of ESXi virtualization and VMware required.

• DoDD 8140 (8570.1-M) IAT Level 3 certification or ability to complete certification within the first 6 months of employment. CASP+ CE, CCNP Security, CISA, CISSP, GCED, GCIH, and/or CCSP is considered a plus

• Ability to travel to local regional sites to provide support for on-premise networks/systems, and to attend meetings and training (less than 10 percent of time).

• Possess a background understanding of cyber security principles, including system patching, configuration and validation of information system compliance using DISA STIGs, SCAP Compliance Checker (SCC) and STIG Viewer.

• Experience with IT Security Engineering in support of systems development, interface, and/or architecture requirements.

• Knowledge of NIST 800-53, DoD 8500.01, 8510.01 series and associated instructions governing Cybersecurity and Risk Management Framework (RMF) for DoD Information Technology (IT), to include implementing policies and procedures that are derived from those instructions.

• Experience with DISA Security Technical Implementation Guides (STIGs), implementation SCAP Compliance Checker (SCC) and STIG Viewer.

• Experience with Nessus, Web Inspect, AppDetective, Wireshark, Nmap, and other vulnerability detection tools.

• Experience with eMASS for information system Security Authorization and Continuous Monitoring workflows and reports.

#INDBH

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.