Information Assurance-Security Engineer Level 3 114-008
Apply NowCompany: IC-CAP LLC
Location: Herndon, VA 20171
Description:
Information Assurance-Security Engineer Level 3:
As a Information Assurance-Security Engineer on the TALOS program, you will be expected to:
Required Qualifications:
Desired Qualifications:
As a Information Assurance-Security Engineer on the TALOS program, you will be expected to:
- Design and implement safety measures and controls. Monitor network activity to identify vulnerable points. Address privacy breaches and malware threats.
- Support the Assessment and Authorization (A&A) processes and Information Assurance documentation for multiple analytic and mission systems across all CLINs
- Generate and maintain the complete security Body of Evidence (BoE) while leading the A&A activities according to the Risk Management Framework (RMF) processes (ICD 503, CNSSI-1253, NIST 800-37, NIST 800-53, etc.) for all multiple information systems
- Author, complete and maintain the System Security Plan (SSP) within XACTA
- Develop the Security Controls Traceability Matrices (SCTM), and the Security Test Plan (STP) procedures within Xacta.
- Analyze existing security systems and make recommendations for changes or improvements Monitor the network and provide early warning of abnormalities or problems RMF, Xacta experience.
- Experience working with software developers and architects to understand security requirements
- Experience guiding the application developers on security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements
- Experience supporting the Continuous Monitoring of operational systems; experience monitoring and auditing operational systems for proper use
- Log Review/Analysis using SIEM tools (Splunk, etc.)
- DISA STIGs and STIG Viewer experience
Required Qualifications:
- 9+ years supporting Assessment and Authorization (A&A) and information assurance processes and documentation using RMF.
- BS degree; 7 years of experience with a masters; an additional 4 years of experience required in lieu of a degree (will consider at Staff level with the appropriate years of experience).
- Hands-on experience to validate control implementations and test procedures.
- Knowledge of current security risks and protocols.
- Willingness to work outside of standard hours if circumstances require.
- RMF, Xacta experience.
- Good analytic and problem-solving skills.
- DoD Approved 8570 Baseline Certifications (eg, Security+) certifications.
- DoD Approved Clearance and Poly
- Work 100% onsite in a secure environment
Desired Qualifications:
- Experience working with AWS/Google cloud-hosted information systems or applications
- Experience working with Redhat or CentOS Linux operating systems
- Experience working in a DevSecOps environment and tool chain