back Back to Jobs

Information Assurance Specialist

Location: Bethesda, MD
Job # 995586
Date Posted: 05-03-2012
Job Description
The Information Assurance Specialist shall provide information assurance/security (IA/IS) expertise to the IT enterprise. Provides technical knowledge and analysis of highly specialized IA/IS applications and systems. Assists the Information Assurance Manager on all aspects of DoD network authority/certificate to operate for the enterprise, including DIACAP/DITSCAP documentation and certifications. Applies IA/IS principles, methods and knowledge to specific task order requirements.

Specific Responsibilities
• Determines enterprise information assurance and security standards
• Develops and implements information assurance/security standards and procedures
• Coordinates, develops, and evaluates security programs. Recommends IA/IS solutions to support customer requirements
• Identifies, reports, and resolves security violations
• Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands
• Supports customers at the highest levels in the development and implementation of doctrine and policies, as required
• Applies IA/IS knowledge to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures
• Performs analysis, design, and development of security features for system architectures
• Analyzes and defines security requirements for enterprise IT systems, including servers, network devices, and workstations
• Designs, develops, engineers, and implements solutions that meet security requirements
• Provides integration and implementation of the computer system security solution
• Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems
• Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle
• Ensures that all information systems are functional and secure
• Participates in Information Assurance working groups (Government sponsored or private) to obtain the latest security and regulatory guidance (including applicable privacy laws and statutes)
• Identifies and analyzes vulnerabilities, and recommends countermeasures for the identified vulnerabilities
• Manages the information assurance vulnerability management program for all systems, sites, and networks in accordance with DoD regulations and standards
• Performs Security Test and Evaluations for accreditations (ST&E)
• Performs Risk Assessments and Vulnerability Assessments (risk management)
• Responds to security incidents
• Supports certification and accreditation activities in support of systems, sites, and networks
• Coordinates with outside entities in support of audits and inspections and provides any required documentation in support of such audits/inspections
• Provides support to other information assurance or cyber security initiatives, as required, by the Senior Information Assurance Officer

Top Secret security clearance
Bachelor's Degree
Security + (required)
DOD 8570.01-M IAT LEVEL II certification (GSEC, Security+, SCNP, or SSCP) (DESIRED)
eEye Retina (desired)
NESSUS (preferred) vendor certification or
DISA training certificate;
ITIL® V3 Foundation Certification

• 5-8 years IA/IS experience in the Intelligence or DoD communities and hands-on experience with HBSS administration
• Experience performing certification and accreditation activities in support of DoD sites, systems, and networks
• Demonstrable information assurance risk management experience in DoD organizations of similar size and scope, including secure communications-computer operational architectures, procedures and environments; network security risk analyses; system accreditation; security test and evaluation; and information security
• Demonstrable experience in evaluating and implementing Information Assurance and Information Security tools for assessing and maintaining system security to support system development and integration
• Demonstrable intensive and progressive experience performing appropriate analyses to ensure threat assessments, protection, detection, and reaction functions are performed
• Demonstrable knowledge of DoD certification and accreditation processes in accordance with DoD 8510.01, DoD 8500.1, and DoD 8500.2 and maintain established accreditation baselines
• Demonstrable experience in managing, responding to, and resolving crisis situations caused by network attacks
• Demonstrable experience analyzing firewall rule sets and router access control lists (ACLs);
• Intensive and progressive experience analyzing network and security devices, to include bridges, routers, controllers, firewalls, gateways, communications devices, network and security monitoring and management tools
• Demonstrable experience in managing and maintaining the DISA Vulnerability Management System (VMS)
• Demonstrable experience using eEye Retina and/or Nessus vulnerability scanning tools, HBSS, and the use of DISA Gold Disk
• Experience with EnCase, Netwitness, or ArcSight.
this job portal is powered by CATS
Return to top ↑