Information Assurance Engineer
SAIC · Scott AFB, IL · 3 wk ago
Information Technology$120k–$160k/yrFull-time
About the role
The Information Systems Assessment and Authorization analyst supports an IT Service Management effort for USTRANSCOM at Scott Air Force Base (AFB) in Illinois. They provide strategic, technical, and program management guidance and support services to enhance the combatant command's infrastructure, systems, and applications.
Responsibilities
- Develop and coordinate all authorization documentation associated including the Systems Categorization, Systems Security Plan, and Systems risk assessment.
- Support the control assessment, reporting and monitoring processes using the Cyber Security and Assessment Management (CSAM) system.
- Create and maintain all minor/major modification documentation.
- Maintain all waivers and Risk assessment for the ISSMs.
- Aid the ISSMs with decisions affecting the security of their systems and networks.
- Facilitate preparations for all Contingency/Incident response assessments.
- Perform and document risk assessments, analyze security vulnerabilities, and measure associated risks.
- Design and develop comprehensive Systems Security Plans, covering infrastructure, policies, and procedures defining the systems security profile for enclave systems.
- Review and validate System Test and Evaluation (ST&E) and Interim Authority to Test (IATT) reviews for new and/or legacy systems.
- Conduct NIST-based Self Assessments, identify weaknesses needing addressing, and develop POA&M based on industry best practices.
- Request risk acceptance for vulnerabilities that can't be remediated or mitigated.
- Create and track Plan of Action and Milestones (POA&M) for risk mitigation via ACAS and STIG processes.
- Develop and conduct Initial Privacy Assessments (IPAs) and Privacy Impact Assessments (PIAs) for major Federal Government IT Systems.
- Manage the security profile of systems using the eMass tool.
Requirements
- Minimum of ten (10) years of experience.
- DoD Secret clearance or higher.
- At least one of these IAT Level II certifications: Security+, CECCNA-Security, CySA+, GICSP, GSEC, CND, SSCPM.
- At least one Computing Environment (CE) certification or certificate for the technical area of responsibility for Network support/defense (e.g., Splunk, Cisco, McAfee, etc.) OR Operating System (e.g., Microsoft, Linux, Solaris, etc.).
Qualifications
- BA/BS in ITIL Foundations (v4 or higher) certification preferred.
- One of the IAM Level II certifications: CAP, CASP+, CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP.
Pay
The target salary range for this position is $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Schedule
This position is for Monday through Friday, normal business hours. Employee may be required to provide after-hours and weekend support during planned or emergency events.