Logo
Sev1Tech

Information Assurance Specialist - Mid Level

Sev1Tech, Washington, District of Columbia, us, 20022


Overview/ Job Responsibilities

Sev1Tech is looking for the right candidate to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S and occasionally OCONUS.

We're looking for an Information Assurance Specialist (Mid-Level) to assist our customer in overseeing and supporting Information Security Control Assessments, Intrusion Defense Chain FISMA Metrics Tracking, and a Industry Cyber Hygiene Data Assessment Program.

The Information Assurance Specialist (Mid-Level) will oversee Information System Security Control Assessments, including:

Developing and maintaining an overall Security Assessment Schedule.Developing testing artifacts for each system including as appropriate Rules of Engagement, a technical assessment plan, Security Requirements Traceability Matrix, Security Assessment Report, and other necessary documentation.Scheduling and performing technical assessments of systems and applications to determine the severity of security control weaknesses.Executing assessments through reviewing system security documentation, vulnerability scan results, audit logs, configuration guides, and any other additional material provided by the system and system stakeholders.Documenting results of assessments in the compliance tool utilizing a standard reporting format for recording assessment results and findings along with recommended mitigations.Updating and maintaining all testing templates and standard operating procedures.Collecting and storing all final materials and media.The Information Assurance Specialist (Mid-Level) will oversee Intrusion Defense Chain FISMA Metrics Tracking, including:

Testing the ability to properly classify malicious logic investigations using the Intrusion Defense Chain (IDC) FrameworkCreating example malicious logic and disseminate to all DHS ComponentsTracking and reporting compliance and accuracy in classifying malicious logic using the IDC FrameworkCreating and maintaining IDC Metrics for the annual Information Security Performance PlanThe candidate will ensure performance of the customer's Industry Cyber Hygiene Data Assessment Program, including:

Establishing, documenting, and continually refining CONOPS and standard operating procedures documentation for the Cyber Hygiene Assessment (CHA) TeamDeveloping and maintaining a management schedule for all CHA data analysis and assessment activitiesCoordinating with CHA personnel to collect artifacts, define scope and establish governance functions for assessments and analysis of industry cyber hygiene dataEstablishing performance metrics and process improvement criteria stemming from the results of industry cyber hygiene assessments and analysisEvaluating results and provide recommendations in determination of industry cyber hygiene maturityCreating both draft and final deliverable reports stemming from industry assessments and analysis for Federal CHA program personnel consumption and reviewDeveloping, maintaining, and updating any additional program documentation on an ongoing basisMinimum Qualifications

BA or BS degree, preferably in Information Security, Information Systems, Cybersecurity, Information Technology/Network Administration or related discipline, OR 4-8 years of direct experience may be substituted in lieu of degree

At least 4 years experience in the federal IT services industryKnowledge and experience with the Risk Management FrameworkKnowledge of federal security standards, frameworks, and directives, including NIST, OMB, and DHSExperience managing small teams performing Information Assurance activitiesThorough understanding of the Security Authorization and ATO requirements and processesMust possess one (1) or more of the following IAT Level II certifications: GSEC - GIAC Security Essentials; CompTIA Security+ CE; or SSCP - Systems Security Certified PractitionerMust possess one (1) or more of the following IAM Level II certifications: GSLC - GIAC Security Leadership Certification; CAP - Certified Authorization Professional; CISM - Certified Information Security Manager; CISSP or Associate - Certified Information Systems Security Professional; or CASP - CompTIA Advanced Security Professional.Excellent communication skills, including the ability to brief customer management and leadershipA successful track record of providing excellent customer serviceUnderstanding of best practices for Intrusion Detection and assessing Intrusion Detection performanceKnowledge of organizational cybersecurity hygiene best practices ad the ability to assist customers in establishing, promoting, evaluating, and improving themAbility to provide proof of U.S. Citizenship in order to obtain a DHS Public TrustDesired Qualifications

DHS experience

About Sev1Tech LLC

Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies. Enable better government. Protect our nation. Build better humans across the country.

Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression. Please apply directly through the website at: https://www.sev1tech.com/careers/current-openings/#/ #joinSev1tech

For any additional questions or to submit any referrals, please contact: eileen.mckenzie@sev1tech.com

Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.