|
|||||
<
/td>
|
Job Description: Job Title: Information Assurance AnalystLocation: Patuxent River, MD Clearance Requirement: Secret Clearance Job Description: The contractor will be providing IA analysis and support to the NAWCAD 726 ODAA/NMCI Transition C&A Team Lead and will be expected to: • Keep abreast of DoD, DoN and NAVAIR policy/processes related to IA and Computer Network Defense. • Support Program Managers, Project Leads, Application Developers, System Administrators, and IAOs with respect to ensuring the required documentation is prepared, reviewed, and retained in accordance with FISMA guidance • Provide IA support to NAVAIR/NAWCAD systems and networks that are operated in conjunction with the IT/IM Data Center • Perform Risk Assessments based on vulnerability scans, test and evaluation reports based on system architecture. • Prepare and sustain Information System security accreditation documentation in accordance with the DIACAP (e.g.,. C&A Plan, IA Control Implementation Plan, Validation Plan and Procedures, Validation Report, SIP, POA&M, etc.) • Assist customers (e.g., Program Managers, IAOs and System Administrators, etc.) with development of C&A artifacts (e.g., Privacy Impact Assessment, Contingency Plan, SIPRNet Connection Questionnaire, Interconnection Agreements/Security MOAs, etc.,) as required. • Provide capability to identify technical security-related issues of both current and planned systems and networks as assigned by the C&A Team Lead • Be able to effectively coordinate C&A efforts with AD 7.2.6 Business Unit Validator, and customers as required. • Record, track and work actions for DIACAP packages • Process and follow-up on/maintain compliance with DIACAP packages and other C&A-related documentation • Understand DoD/Navy Firewall Policy/Ports, Protocols, and Services • Conduct and comprehend vulnerability scans and develop mitigation strategies. • Have working knowledge of the DIACAP Handbook and DoD/Navy IA and CND regulations, processes and technical requirements • Triage incoming security packages (check for accuracy, validation of content and prioritization)• Develop and maintain metrics and maintain a "SWP/SOP/Desk Guide" for all assigned duties Experience Requirements: Requires 5-8 years experience or equivalency. The candidate should have experience developing, reviewing and analyzing DIACAP packages and other C&A documentation in accordance with the accreditation process (DITSCAP/DIACAP). He or she should be experienced with reviewing security architecture and design diagrams detailing ports, protocols, etc.,. for major DoD and Navy operational Programs of Record, RDT&E labs and weapons programs. He/She should be able to analyze and review the results of network and system vulnerability scans and be able to test and validate IA controls per the DIACAP Knowledge Service. The candidate should be experienced with hardening and scanning tools such as the DISA Gold Disks, Security Readiness Reviews, Retina, Hercules, etc., The candidate needs to be a team player and be able to formally train system administrators and IAOs with respect to IA, C&A, CND, IAVM, and methods for securing their systems and networks. The candidate needs to have excellent communication skills and be able to multitask in a stressful environment. Candidate must have hands-on IA experience and will be required to draft accreditation support documentation.He/She will be required to attend collaboration meetings with NETWARCOM and be able to review and comment on the system architecture and security posture; coordinate security implementation issues with the appropriate Government officials and/or prime contractors; and support security testing. A candidate with experience assisting in the certification and accreditation of DoD systems with Cross Domain Solutions and DISN circuits is desired. Travel to NAVAIR sites may be required.Highly desirable skills include an in depth understanding of an IT/IM technical environment Performing tasking in the operations analysis discipline areas. Independently performs complex tasks in operations systems discipline. Candidate must currently hold an approved DoD 8570 compliant IA certification at the IAM II level (or achievable within six months of employment) Required Experience for the Job: Experience must include demonstrated analytical skills and the ability to analyze customer requirements for security issues and drafting accreditation support documentation IAW the DITSCAP/DIACAP. An understanding of FISMA compliance requirements and IA requirements for the IT/IM Data Center systems. Education Requirements: Requires BS/BA degree or equivalent training/experience.
An Equal Opportunity Employer M/F/D/V |
||||||||||||||
|
||||||||||||||
|
