Information Assurance (IA)/Security Specialist
This position requires the ability to secure a security clearance of secret level.
The Information Assurance / Security Specialist is charged with the assuring information and managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes.
Location: Arlington, Virginia
- Conduct security assessments of system security plans to help ensure that plans provide security controls for information systems that meet stated security requirements.
- Support the risk management process by helping to determine and assign risk impact ratings in accordance with Information Assurance for Information Security Officers (ISSO) standards guidelines and methodologies and by aiding in the development and maintenance of Plans of Action and Milestones for IT systems identified in the Risk Management Framework process and annual security assessments of IT systems.
- Conduct comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls.
- Ensure compliance of security configurations for IT systems and aid in providing clear and concise processes and procedures for the implementation and enforcement of system security configurations.
- Provide assessments of the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions to address identified vulnerabilities and prepare the security assessment reports containing the results and findings from system security asse
Education and/or Experience
Minimum Education Required
- BS/BA degree in Computer Science, Information Sciences, or related IT discipline
- Allowable Substitution: Additional ten (10) years of related professional experience can be substituted for a BS/BA degree.
Minimum Experience Required
- A minimum of 8 (eight) years of professional experience in Information Assurance is required.
- A minimum of 8 (eight) years related in the Information Assurance field.
- Must have experience with FISMA processes, NIST guidance, and writing security controls.
- Multi-task capability, handling multiple projects and serves as advisor for other application development staff to ensure ISSO standards are adhered. Serves as primary contact and technical advisor to clients and application developers to provide established ISSO standards during and post software development lifecycle and project management lifecycle.
- Extensive knowledge of the US Government Information Assurance Security Processes.
- Familiarity with the Security Technical Implementation Guide (STIG) and Security Readiness Review (SRR) is desired.
- Knowledge of DOS/FSI specific Information Assurance policies and procedures, and processes are also desired.
- Prefer to have hands on experience and at least one of the following professional certifications: Security+; CISSP, CISA, GSEC, or GSLC & OS Certificates.
The minimum experience and education requirements for this position are due to the complexity, at the program level, of the tasks at hand. This senior level position will be instrumental in scheduling and managing projects to support Information Assurance processes. This position will provide guidance and support to all technical positions including system architects, developers and database administrators. The requirements as stated above reflect industry standards.