We have a full time opportunity for an IA Engineer to support a newly awarded contract in Aberdeen, MD. Candidate must have an active Top Secret SCI Clearance.
The IA Engineer will be responsible for gathering information necessary to validate system security accreditations and to validate functioning security measures internal to these systems. The IA engineer will define, create and maintain the required IA documentation for each information system in accordance with requirements. The IA engineer will also assess the impacts of system modifications and technological advances on program project associated information systems.
The IA engineer will have a minimum of a bachelor's degree in computer science, mathematics, engineering or five years of comparable work experience with a qualifying Information Assurance certification, such as CISSP, CISM, CAP, or ISSEP in accordance with DoD 8570.1.
- Coordinates all Accreditation and Authorization packages for Cross Domain Solutions with the appropriate agency/stakeholders
- Writes comprehensive security analysis reports including assessment-based findings, outcomes and enter this data into DoD Information Assurance Management data bases for evaluation by Authorizing Officials to support the receipt of Authority to Operate (ATO) for the systems.
- Describes, tests and validates security measures active on security infrastructure devices for the protection of computer systems, networks and information system
- Identifies and defines system security requirements and correlates/documents them by analysis of organizational standard security operating procedures (SOP) and protocols.
- Determines security violations and inefficiencies through security tests, evaluations and audits.
- Describes system security architectures and provides detailed descriptions for the security components of information systems.
- Recommends technical solutions and new security tools to mitigate identified or potential security vulnerabilities.
- Recommends techniques to protect system by defining access privileges, control structures, and resources required to implement these structures.
- Achieves system security operational objectives by contributing guidance and recommendations to program/project leadership.
- Recommends improvements by assessing current security implementations and anticipating new security requirements.
- Maintains system security by implementing and maintaining security controls.
- Experience working with "TSABI" CDS (those that go between TS/SCI networks and Secret / Collateral networks)
- Experience in testing and describing system security implementations
- Experience working with DIA and NSA staffing and approval processes
- Extensive technical knowledge of database and operating system security
- Awareness of the capabilities of or direct experience with system security tools, including but not limited to firewalls, intrusion detection systems, anti-virus software, access validation systems, identification & authentication systems, audit log management, content filtering, information flow enforcement, and incident response procedures.
- Experience documenting systems and building a body of evidence in XACTA or working with DIA on Cross Domain solutions
- Experience with network technologies and with system, security, and network monitoring tools
- Thorough understanding of the latest security controls, testing techniques, and implementation of these controls.
- Familiar with Information Security Policies (ICD 503, RMF, CNSSI 1253, and NIST SP 800 Series)