Every day at Perspecta, we enable hundreds of thousands of people to take on our nation's most important work. We're a company founded on a diverse set of capabilities and skills, bound together by a single promise: we never stop solving our nation's most complex challenges. Our team of engineers, analysts, developers, investigators, integrators and architects work tirelessly to create innovative solutions. We continually push ourselvesto respond, to adapt, to go further. To look ahead to the changing landscape and develop new and innovative ways to serve our customers.
Perspecta works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets. Our high-caliber employees are rewarded in many waysnot only through competitive salaries and benefits packages, but the opportunity to create a meaningful impact in jobs and on projects that matter.
Perspecta's talented and robust workforce14,000 strongstands ready to welcome you to the team. Let's make an impact together.
We are currently seeking an Information Security Analyst for our Alexandria or Herndon VA location on a project for the U.S. Department of Defense.
Individual must be U.S. Citizen, holding an active/current DoD Secret or Top Secret clearance (based on SSBI investigation) and a Current Security+ in good standing certification
This individual will participate in a team environment supporting a U.S. Government contract that provides personnel security management to DoD. The position ensures that the program complies with the government's Information Assurance (IA) security requirements, including developing, reviewing and updating security documentation, evaluation and resolution of new Information Assurance Vulnerability Alerts (IAVAs), successful Certification and Accreditation (C&A) process evaluation, evolution and compliance, development and management of POAMs, demonstrated knowledge of eMASS, and the completion of IA reporting requirements.
The candidate will need strong information assurance skills, knowledge of the Risk Management Framework, comprehensive understanding of DoD guidance including NIST SP 800.xx, FIPS 199, DoD 8500.x, Defense Information Technology Security Certification and Accreditation Process (DITSCAP) and Defense Information Assurance Certification and Accreditation Process (DIACAP). This is a hands-on IA position and is not a management position.
Responsible to ensure the program complies with the government's IA security requirements; closely working with lead IA Engineer, Program Manager and other team leads.
Must be pre-emptive in planning and execution of continuous monitoring efforts in support of the achievement of DoD goals and objectives, effectively communicating security risks, maintaining security posture in accordance with established Mission Assurance Category (MAC) level.
Responsible for proactively assessing impacts of findings, develop and implement remediation plans, engaging the Dev/Ops team to ensure security activities are methodically included in roadmap and report all security activities and findings in formal monthly deliverables.
Overall responsibility for the planning and technical SME's execution of all STIG remediation.
Responsible for creating and tracking Plan of Action and Milestone (POA&M) reports.
Responsible to create program documentation detailing system security concepts, system security assessments, tailored security plans, and vulnerability assessments.
Responsible to work with the government to support obtaining accreditation of the production system via certification testing of its respective elements, consisting of process support, analysis support, coordination support, security certification test support, and security documentation support.
Responsible to follow program standards, processes and procedures, to deliver high quality components/products.
Responsible to provide clear and timely status to management as required
At least 3 years of experience in multiple phases of the software development lifecycle
At least 3 years of IAVA analysis and resolution experience
Three or more years of C&A process experience using the RMF.
Demonstrated knowledge of POAMs creating, tracking and managing, creating formal documents detailing system security concepts, system security assessments tailored security plans, and vulnerability assessments.
Demonstrated knowledge of eMASS
Experience in developing security documentation
Familiarity with Department of Defense personnel security issues is a plus
Additional knowledge not required but extremely beneficial:
Relational database concepts
Network File System (NFS) and/or various storage concepts
Web technologies and protocols, such as Web Services, TCP/IP, SFTP, HTTP, HTTPS
WebLogic, Mule, and/or Golden Gate
Education and Experience Required:
EEO Tagline: Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories