Information Assurance Security Specialist

Smartronix Quantico , VA 22134

Posted 1 month ago

Smartronix, LLC, is an information technology and engineering solutions provider specializing in Cloud Computing, Cyber Security, Health IT, Network Operations, and Mission-Focused Engineering. Smartronix is seeking an Information Assurance Security Specialist to provide IA Vulnerability Assessment support for enterprise assets. A strong understanding of DoD STIG/ IAVA and compliance processes are necessary in order to be successful in this position. Assured Compliance Assessment Solution (ACAS) is the primary tool used to facilitate a compliant and secure network.

DUTIES:

  • Conduct vulnerability scans on a regularly scheduled basis, and ad hoc, as directed.

  • Provide a regularly updated list of systems scanned and individual scan results.

  • Coordinate scans with respective system owners.

  • Provide scan results to system engineers for mitigation efforts.

  • As required, work directly with system engineers to clearly identify changes.

  • Maintaining configuration items and executing functions on vulnerability management platform, to include ACAS, Nessus, STIG Validation Scans and Manual Checks.

  • Assist in annual Command Cyber Operational Readiness Inspection and provide risk assessment analysis support, as required.

  • Creating essential documentation (procedures, scanning reports, remediation reports, etc.), providing analysis and metrics on vulnerabilities, and driving remediation of vulnerabilities throughout the organization.

  • Serve as a subject matter expert for vulnerability scanning and STIG Compliance procedures, ACAS 4.6 or higher execution/operation.

  • Attend meetings and provide recommendations concerning Risk Management and mitigation efforts for organizational assets.

  • Ability to develop and maintain metrics and reports on vulnerability findings and remediation compliance.

  • Facilitate proactive remediation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to our environment and communicating applicable vulnerabilities and recommended remediation actions to the impacted teams.

  • Provide technical support to system and technology owners to propose mitigation and remediation solutions.

  • Provide input to leadership for enhancing the vulnerability and risk management strategies.

Smartronix provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

#CJPOST

Required Skills

  • Demonstrated ability to work effectively in an ambiguous environment

  • Strong oral and written communications skills

  • Strong analytical and problem-solving skills and proactive thinking skills

  • Strong knowledge of threats and vulnerabilities associated with network security

  • High-level familiarity with Vulnerability Management tools such as ACAS, SCAP, and SCCM.

  • Basic level familiarity with DoD and other Cyber Security Regulatory Compliance bodies

  • Ability to drive automation of vulnerability management platform and processes

  • Understanding of how to classify and prioritize the risk of new vulnerabilities based on the operating environment

  • A Cyber Security Team team-player contributing to policy development, RMF package accreditation requirements

Required Experience

  • 3+ Years of Information Security Experience, working with Vulnerability management tools

  • Active Top Secret clearance

  • DoD 8570 IAT III Level Certification Required (CISA, GCIH, GCED, CISSP/Associate)

Travel Requirements

No Travel Required

Clearance Level Required



  1. Top Secret, 06. SCI

US Citizenship Required

Yes

Category

Information Technology

Position Type

Full-Time/Regular


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Ncis Information Assurance Engineer

General Dynamics

Posted 2 weeks ago

VIEW JOBS 5/13/2020 12:00:00 AM 2020-08-11T00:00 Location: USA VA Quantico Full Part/Time: Full time Job Req: RQ56326 Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret Clearance Level Must Be Able to Obtain: Top Secret/SCI Suitability: No Suitability Required Public Trust/Other Required: None Job Family: Information Security Job Description: JoinGeneral Dynamics Information Technology (GDIT)and be a part of the team of men and women that solve some of the world's most complex technical challenges. The NCIS program is searching for an Information Assurance Engineer to join their team inQuantico, VA. TheNaval Criminal Investigative Service (NCIS)is an organization of over 2,200 personnel of which 700 serve at HQ and the remaining staff serve at offices worldwide. NCIS is the Department of Navy (DON) component with primary responsibility for criminal investigation, law enforcement (LE), counter-terrorism (CT), counterintelligence (CI), and cyber matters. NCIS not only has primary responsibility for all criminal investigative, CI, CT, and cyber matters within the DON, but it also has exclusive investigative jurisdiction in non-combat matters involving actual, potential, or suspected criminal, terrorism, sabotage, espionage, and subversive activities. NCIS provides the DON with threat status and warnings associated with terrorist, criminal, cyber, and counterintelligence activity throughout the world. NCIS is the only DON organization that has the information and responsibility to fuse and analyze the national intelligence and law enforcement information necessary to provide these warnings. The Information Technology Directorate (ITD) supports the NCIS core mission areas to investigate and defeat criminal, terrorist, and foreign intelligence threats by planning for and providing services through appropriate use of the people, equipment, technology, and infrastructure resources of the United States Navy and Marine Corps. Responsibilities: * Designs, develops, engineers, and implements solutions that meet DON security requirements. * Responsible for ensuring the integration and implementation of computer system security solutions. * Performs risk analyses of computer systems and applications during all phases of the system development life cycle. * Identifies test requirements and tools based upon system architectures. * Develops, reviews and implements security test plans and procedures. * Establishes and satisfies system-wide information security requirements based on analysis of user, policy, regulatory, and resource demands. * Supports the Government Cyber security Managers in the development and implementation of cyber security doctrine and policies. * Initiates, prepares, processes and monitors DoD Information Assurance Certification and Accreditation (C&A) Process (DIACAP) and Assessment and Authorization (A&A) Risk Management Framework (RMF) packages; ensures existing C&A and A&A packages are maintained in a compliant status; verifies and validates C&A and A&A package requirements and configuration modifications are performed and tested. * Manages and maintains C&A and A&A packages using eMASS and XACTA tools. * Reviews system engineering documentation, CONOPS, installation and configuration specifications to determine security requirements and to identify security concerns. * Prepares briefing slides, status charts and support documentation as presentations for the client. * Must have experience with using public key-based technologies for applications. Basic Qualifications: * BS degree; additional years of experience may be considered in lieu of degree * 7+ years of experience in the systems security discipline with specific emphasis on Navy Information Assurance practices. * Experience in the development of Assessment and Authorization (A&A) and Certification and Accreditation plans (C&A), Host Based Security Systems (HBSS), Assured Compliance Assessment Solution (ACAS) vulnerability scanning. * Experience with Enterprise Mission Assurance Support Service (eMASS) tools. * Experience preparing, processing, assessing, validating and maintaining DIACAP and RMF packages using eMASS and XACTA tools. * Training or experience processing DIACAP to RMF transition packages. * Security+ * Top Secret Preferred Qualifications: * Completed Navy RMF training * Certified as Navy Qualified Validator (Level II or III) * Fleet Cyber Command experience Scheduled Weekly Hours: 40 Travel Required: None T elecommuting Options: Some Telecommuting Allowed Work Location: USA VA Quantico Additional Work Locations: We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done. \n\nGDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class. General Dynamics Quantico VA

Information Assurance Security Specialist

Smartronix