Information Assurance Engineer
SAIC · Scott AFB, IL · Today
Information Technology$80k–$120k/yrFull-time
Responsibilities
- Develop and coordinate all authorization documentation associated including the Systems Categorization, Systems Security Plan, and Systems risk assessment.
- Manage the Authority to Operate (ATO) packages using continuous monitoring strategies outlined by the ISSM.
- Support the control assessment, reporting and monitoring processes using the Cyber Security and Assessment Management (CSAM) system.
- Create and maintain all minor/major modification documentation.
- Maintain all waivers and Risk assessment for the ISSMs.
- Affiliate with the ISSMs with decisions that affects the security of their systems and networks.
- Facilitate preparations for all Contingency/Incident response assessments.
- Perform and document risk assessments, analyzing security vulnerabilities, and the metrics to measure the risks associated with those vulnerabilities.
- Design and develop of comprehensive Systems Security Plan, covering at a high level the infrastructure, policies and procedures which define the systems security profile for the enclave systems.
- Review and validate System Test and Evaluation (ST&E) and Interim Authority to Test (IATT) reviews for new and/or legacy systems.
- Review and conduct NIST-based Self Assessments, identifying any weaknesses which need to be addressed, and developing a Plan of Action and Milestones (POA&M) for each of those weaknesses based on industry best practices.
- Requesting risk acceptance for vulnerabilities that cannot be remediated or mitigated.
- Create and track Plan of Action and Milestones (POA&M) for mitigation of risks identified via the ACAS and STIG processes.
- Design and development of Initial Privacy Assessment (IPA) and Privacy Impact Assessments (PIAs) for each major Federal Government IT Systems.
- Utilize the eMass tool to manage the security profile for the system.
- Utilize the Ports, Protocols, and Service Management (PPSM) tool and processes to register ports, protocols, and services in use by the enclaves.
Qualifications
- BA/BS with minimum of four (4) years of experience.
- DoD Secret clearance or higher.
- Must have at least one of these IAT Level II certifications: Security+, CECCNA-Security, CySA+, GICSP, GSEC, CND, SSCP.
- Must have at least one Computing Environment (CE) certification or certificate for the technical area of responsibility for Network support/defense (e.g., Splunk, Cisco, McAfee, etc.) OR Operating System (e.g., Microsoft, Linux, Solaris, etc.).
- Desired: ITIL V4 Foundations certification.
- Desired: One of the IAM Level II certifications: CAP, CASP+, CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP.
Pay
Target salary range $80,001 - $120,000.