Information Assurance (IA) Expert
Please review details below and if you got the experience and qualifications, please submit your updated resume in MS-Word format to firstname.lastname@example.org
Also you can check other opportunities at:
General responsibilities include technical support, managing risks related to the use, processing, storage, and transmission of information and processes used for those purposes. While focused dominantly on information in digital form, the job includes not only digital but also analog or physical form. Information assurance includes the practice of information security and computer security.
Position requires a person with a minimum of 5 years experience in networking and system administration in a Microsoft Windows Server and IP environment. Under general supervision, maintains network computer hardware and software, interconnections and interfaces, such as servers, routers, firewalls, and gateways. Manages network performance and maintains network security. He/she ensures that security procedures are enforced. Installs tests and configures network hardware and software. Has the ability to analyze the network hardware and software to increase throughput while keeping security in mind. Evaluates, develops and maintains telecommunications systems; Troubleshoots network problems in an expeditious manner. Ensures policies, procedures and standards conform to Department objectives. Person in this position is required to possess good oral and written skills.
The duties will include but are not limited to analyzing the network which includes planning, designing, and upgrading operating systems as well as Information Assurance (IA) management of network devices; securing operating systems, capturing network topologies and documenting protocol traffic; system security documentation, IA controls verification and testing, conduct risk and vulnerability assessments of systems and devices, document systems security contingency plans and disaster recovery procedures, and identify IA requirements. He/she designs, plans, documents and implements network security guidance in accordance with federal compliance. Evaluates new products and resolves equipment and network performance issues.
Strong knowledge of the principles, regulations, and methods pertaining to the federal government, network engineering, security and information assurance to ensure information systems reliability and accessibility; and to prevent and defend against unauthorized access to systems, networks and data
The IA Expert develops an enumeration and classification of the information assets to be protected and perform a risk assessment considering the factors such as the probability and impact of the undesired events subdivided into threats and vulnerabilities and measures the impact in terms of cost thus evaluating the total risk.
Based on the risk assessment, the IA Expert will develop a risk management plan that will feed into the project management plan. The plan will propose countermeasures that involve mitigating, eliminating, accepting, or transferring the risks, and considers prevention, detection, and response. A framework, such as Risk IT, CobiT, PCI DSS, ISO 17799 or ISO/IEC 27001, may be utilized in designing this plan. Countermeasures may include tools such as firewalls and anti-virus software, policies and procedures such as regular backups and configuration hardening, training such as security awareness education,
General responsibilities also include technical support, software testing and computer forensics work. Specifically, the successful candidate will spend approximately 50% of their time providing IT support and the remainder of their time on conducting testing as well as time working on actual cases. The candidate should be prepared to work in varying environments, with occasional domestic and possibly international travel (10%-15%).
The candidate will be a Senior IT support engineer being able to lead technical support professionals, with a broad background in solving IT issues. The candidate must be an experienced problem solver who can work well independently as well as within a team. The candidate should possess good knowledge and experience in networking, Windows desktop/server administration, MS Exchange and Active Directory in a multi-server environment.
The candidate will serve as the principle technical advisor and subject matter expert for cyber security engineering services. The Candidate shall be an expert in the development, direction, and implementation of security in enterprise capabilities to prevent sophisticated cyber threats and vulnerabilities, or detect when prevention fails. The Candidate shall understand the fundamentals of layered defense technologies and processes. The Candidate shall understand the lifecycle of the network threats, attack vectors and methods of exploitation.
The candidate shall be an integral part of a diverse team that leads the world in Mission, Cyber, and Technology Solutions. Candidate will help protect security while working on innovative projects that offer opportunities for advancement.
In providing the basic responsibilities the IA Expert:
• Determines enterprise information assurance standards
• Develop, implement, provide guidance, and enforce security policies and procedures
• Ensure approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output
• Recommends information assurance solutions to support customers’ requirements
• Establishes and satisfies information assurance requirements based upon the analysis of user, policy, regulatory and resource demands
• Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems
• Perform oversight of the development, implementation and evaluation of information assurance security policy
• Perform analysis of network security, based upon the certification and accreditation process; advise customer on IT certification and accreditation issues
• As a certifier, participate and engage in IA and system security working groups
• Perform risk assessments and make recommendations to customers
• Support government program managers on security testing methodologies and processes
• Evaluate certification documentation and provide written recommendations for accreditation to the client
• Conduct periodic system security reviews to accommodate changes to policy or technology
• Evaluate IT threats and vulnerabilities to determine whether additional safeguards are needed
• When applicable, validate IA controls by ensuring certification tests are accomplished for each information system
• Conduct software and hardware IA assessments and provide risk recommendation for implementation while ensuring proper configuration management
• Conduct certification tests that include verification that the features and assurances required for each system boundary protection level and/or trusted application functionality
• Maintain a repository for all system certification/accreditation documentation and modifications
• Coordinate security inspections, tests, and reviews, as required
• Review System Security Policies to ensure system functionality of IA controls comply with Standards
• Develop policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents
• Support accreditation issues by developing solution oriented IA management plans and recommendations to the client
• Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system
• Architect network protections against advanced threats to networks, systems, and data.
• Contribute to program management, strategic direction, and system architectures for the Enterprise.
• Develop specific mitigations to protect against advanced attackers.
Engage with technical experts from the Intelligence Community, and Industry to identify and solve complex system vulnerabilities.
• Occasional travel required in support of the IA meetings and Team Reviews (about 10-15%)
• Outstanding analytic and problem solving skills
• M.S. in Computer Science, Electrical Engineering, Systems Engineering, or a related technical field plus 5 years experience performing systems security engineering, B.S. and 7 years of related experience,
• IA certification, such as CISSP, is highly desired.
• Must have a working knowledge – of software systems security standards
Knowledge of IA (development, process, policies & procedures, etc.)
• A minimum of 5 years experience is desired in Information Systems Security with an emphasis on Certification and Accreditation (C&A) and/or Security policy development
• Requires experience in developing and staffing management reports and accreditation documentation.
• Effective communication (oral and written) and organizational skill is required
• Strong data analysis skills.
• Current experience with large enterprise information systems and network security architectures.
• Hands-on experience assessing and using tools and technologies designed to counter the advanced cyber threat.
• Can clearly communicate technical solutions to senior, perhaps non-technical, leaders.
• Strong project management and strategic analysis skills.
• Excellent written and verbal skills.