Support PDF,DOC,DOCX,TXT,XLS,WPD,HTM,HTML fils up to 5MB
Years of Experience
Date Last Verified
ProfileInformation Assurance Analyst The candidate will work closely with the government Information Assurance Manager (IAM) in implementing DoD and Air Force Policy on the DC3 networks. Member of a team of IA professional’s responsible providing policy analysis, information sharing requirements, Certification and Accreditation support for multiple classified and unclassified networks. Responsible for creating and validating system security requirements, establishing and implementing security designs in hardware, software, data, and procedures. Will conduct technical risk and vulnerability assessments of planned and installed information systems as well as assess and mitigate system security threats/risks throughout the system life cycle. Responsible for preparing documentation such as Risk Assessment Reports (RARs) for the ISSM/CISO, System Security Plans (SSPs), Development of Plan of Action & Milestones (POA&Ms) to ensure compliance with Government and DC3 Cybersecurity policies and procedures. Will assist the ISSM/ISSO with the generation of cybersecurity documentation for system hardware and software assessments; assess the performance of IA Security controls for assess and authorize and assess only networks.
Qualification and Experience
The candidate should have DOD 8570/8140 Certification: (CISSP, CISM, GSLC, CASP, CAP). Should have demonstrated Risk Management Framework (RMF) experience. must have experience with IA/Cybersecurity policy implementation. Experience handling Federal C&A activities to include experience with eMASS (submission, validation and updates as needed) is needed. Should have experience performing computer systems security risk analysis and assessment. Must have experience implementing and validating Security Technical Implementation Guidance (STIG) and Security Requirements Guidance (SRG) for applications, familiarity with DOD network architecture and network engineering practices, hardening Windows/LINUX operating system. DoD SCCVI, HBSS, ACAS and CMRS experience is needed. Experience with Department of Defense Test & Evaluation (T&E) practices for Cybersecurity to include validation of Security Control Requirements, STIG/SRG/Customer Centric requirements and document findings in a formalized reporting format is preferred. Experience analyzing and defining security requirements is desired. FISMA experience is desired. Should have exceptional communication, interpersonal, problem solving, analytical and organizational skills. Experience with Department of Defense Test & Evaluation (T&E) practices for Cybersecurity to include validation of Security Control Requirements, STIG/SRG/Customer Centric requirements and document findings in a formalized reporting format is desired. Experience analyzing and defining security requirements is preferred. Must have strong analytical and organizational skills with excellent communication skills (written and verbal communications) and have the ability to work in a dynamic work environment. FISMA experience is preferred. Suggested Qualifications: 13 years of professional experience without a degree; or 5 years of professional experience with a Bachelors degree from an accredited college in a related discipline, or equivalent experience/combined education; or 3 years of professional experience with a related Masters degree; or no experience required with a related PhD or JD. Consideration should always be given for the level of specific domain expertise.