This position will perform the functions of multiple Information Assurance (IA) roles for the Department of Defense (DoD). Candidates must be knowledgeable of information technology and security principles. This is a multi-tasking environment that demands customer service, communication, and organizational skills. Essential Functions: - Perform oversight of the development, implementation and evaluation of information systems security programs for assigned programs in compliance with NISPOM, DAA... more details
This position will perform the functions of multiple Information Assurance (IA) roles for the Department of Defense (DoD). Candidates must be knowledgeable of information technology and security principles. This is a multi-tasking environment that demands customer service, communication, and organizational skills.
Essential Functions:
• Perform oversight of the development, implementation and evaluation of information systems security programs for assigned programs in compliance with NISPOM, DAAPM, ICD 503, and JSIG RMF.
• Develops technical solutions to problems which require the regular use of ingenuity and creativity.
• Applies technical expertise and has full knowledge of related disciplines by implementing technical solutions across various platforms.
• Prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, SCTM), including participation in system categorization.
• Ensure the development, documentation, and presentation of IS security education, awareness, and training activities for users and others, as appropriate.
• Apply cybersecurity standards, directives, guidance, and policies to special programs and classified computing environments.
• Perform tasks related to compliance of Continuous Monitoring (ConMon) Plans (e.g., audit log review, security patching, software and hardware configuration management).
• Investigate security incidents to include data spills, data integrity incidents, and malicious code incidents.
• Ensure system security measures comply with applicable government policies, provide configuration management, and accurately assess the impact of modifications and vulnerabilities for each system.
• Conduct reviews and technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
• On occasion, work extended hours (other than regular business hours) to support contractual requirements to meet customer needs. Accomplish other duties as assigned. • DoD Directive 8140/8570 IAM Level II or higher certification. (CISSP preferred)
• Active SECRET security clearance. Must be able to obtain TOP SECRET clearance.
• Experience as an ISSO or ISSM implementing NISPOM Chapter 8, DAAPM, DIACAP/NIST RMF, JAFAN 6/3, DCID 6/3, ICD 503, and/or JSIG IS requirements.
• Experience with certifying compliance of various operating systems.
• Ability to work in a team environment as well as independently, demonstrate excellent problem-solving abilities, be well organized, flexible, and self-motivated.
• Administer accountable COMSEC per NSA/CSS Policy Manual 3-16, and other Department of Defense issuances such as National Security Systems Instruction (CNSSI) and National Industrial Security Program Operating Manual (NISPOM).
• Assist with implementing the Electronic Key Management System (EKMS). Manage classified material and multiple containers in the dedicated COMSEC work area, including destroying superseded keying material.