SeKON
Information Assurance Security Specialist
SeKON, San Antonio, Texas, 78208
SeKON is looking for an Information Assurance Security Specialist to join our talented and innovative team supporting the Defense Health Agency (DHA) in San Antonio, TX. As an Information Assurance (IA) Security Specialist, you will be responsible for supporting the management and security of the JBSA Sites and their supported networks. You will ensure compliance with IA standards, perform security assessments, and provide technical expertise to maintain a strong security posture for government systems and networks. Your role will involve assisting with system security practices, certification and accreditation processes, and vulnerability management, ensuring that all IA requirements are met. With over 25 years of experience, SeKON specializes in providing large-scale health IT programs in support of federal government customers including the Centers for Disease Control (CDC), Centers for Medicare and Medicaid (CMS), Defense Health Agency (DHA), and National Institutes of Health (NIH). Our vision is "To be the premier management and technology consulting firm providing solutions that improve quality of life and work". RESPONSIBILITIES: Basic Cyber Assessment: Perform Basic Cyber Assessments using the NIST SP 800-171 DoD Assessment Scoring Template. Enter results electronically into the Supplier Performance Risk System (SPRS) for all relevant contractor information systems associated with an offer, contract, task order, or delivery order. System Security Analysis: Specialize in the analysis and application of system security practices across various organizational and agency environments. Assist system owners and Information System Security Officers (ISSO) in designing, developing, and writing certification and accreditation (C&A) documentation to help organizations obtain Authority to Operate (ATO) on systems and environments. Compliance with NIST and DoD Standards: Follow National Institute of Standards and Technology (NIST) and Department of Defense (DoD) IA Certification and Accreditation Process standards to ensure compliance in all security operations and assessments. Mission Assurance Category (MAC) Administration: Administer security features for Government Mission Assurance Category Three (MAC3) and MAC Two (MAC2) environments, including access control, malicious code protection, vulnerability and patch management, audit logs, attack sensing, and network protection. IA Security Compliance Reviews: Administer and support DoD, MHS, and DHA IA security compliance reviews, including ad-hoc, annual, and quarterly scans. Respond to security information requests and support certification and accreditation activities to maintain a compliant security posture. Security Review for New Systems: Conduct security reviews for all new or modified systems, devices, and configurations to ensure consistent security practices are applied and maintained. Security Documentation Management: Maintain and update all security-related documentation, including System Security Authorization Agreements (SSAA), mitigation strategies, waivers, approvals, ports and protocol registration, and user rights tracking. Incident Investigation: Assist in detailed investigations and documentation of security incidents as required, ensuring thorough and timely reporting of security events. CAC Login and PKI Support: Support the Government's directive to maintain and sustain all aspects of Common Access Card (CAC) login, Public Key Infrastructure (PKI) technology, or other two-factor authentication systems authorized by the Government. Expertise in Security Tools: Provide expertise in government scanning tools such as Retina, AppDetective, and ACAS. Use forensics analysis and Intrusion Prevention Systems (IPS) to ensure network integrity and identify vulnerabilities. User Rights and Application Databases Management: Maintain application approval databases, manage user rights forms, and ensure accurate records for system access and permissions. In this role, you will be instrumental in safeguarding government networks and systems by ensuring compliance with security standards, managing incidents, and continuously maintaining a robust security infrastructure. REQUIREMENTS: Bachelor's degree in Computer Science, Engineering, or a related field. Active DoD Secret Clearance required. Experience with NIST and DoD IA Certification and Accreditation Process standards. Proficiency in IA security compliance reviews and cyber assessments, including NIST SP 800-171. Knowledge of security scanning tools (Retina, AppDetective, ACAS) and government security protocols. Strong understanding of CAC login, PKI technologies, and two-factor identification protocols. Ability to manage security documentation, investigate incidents, and provide detailed reports on security posture and incidents. Strong consulting and communication skills with demonstrated ability to work collaboratively across fast-paced and dynamic teams and at various levels of leadership. Strong understanding of Joint Health Service Support or Defense Health Agency processes. Superior verbal and written communication skills. Proven ability to present effectively to senior government officials. Ability to work collaboratively and proactively with customers and program office members in a multi-vendor environment. Willingness to serve in various ad hoc roles, including contributing to proposal efforts and participating in hiring processes.