Andworx is looking for an Information Assurance Analyst to join our team supporting a DoD client. As the Information Assurance Analyst, you will assist in oversight of information security best practices for our client including JFHQ-DODIN CTOs, Orders and identified vulnerabilities.
Note : Work location is currently a combination of on-site and remote work within the Washington, DC Metro area.
8 or more years direct experience working in IT;
3 years must be as an Information Assurance Analyst within DoD.
Assist in determination of IA requirements, providing support of implementation and enforcement, and vulnerability remediation.
Ability to engineer and deploy network defense countermeasures.
Experience performing manual assessments in accordance with most recent DISA STIGs.
Strong verbal and written communication skills.
Bachelor's Degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline.
Active Secret clearance : eligibility for this job requires U.S. citizenship.
DoD 857001.M compliant IAT Level II certification (CCNA Security, CySA+ , GICSP, GSEC, Security+ CE, CND, SSCP)
DoD 857001.M operating system certification for IAT Level II
Your primary responsibility as the Information Assurance Analyst is to develop and maintain the programs that help our client meet their information security objectives.
Review and assist with drafting Information Assurance (IA) policies and guidance.
Maintain clients Enterprise Mission Assurance Support Service (eMASS) package for any IT program that requires an Authority to Operate (ATO) :
Review change request information, participate in Change Management meetings providing SME level recommendations based on DoD policy and security best practices.
Monitor and responds to guidance, directives, and issuances from the USCYBERCOM; track and report on compliance with Communication Tasking Orders (CTOs), Task Order (TASKORD), Operational Orders (OPORD), Information Assurance Vulnerability Alerts (IAVAs) using the Continuous Monitoring and Risk Scoring (CMRS) System.
Perform scans and analysis of client's devices for compliance with federal, DoD, and USCYBERCOM requirements.
Provide current vulnerability reports and historical trending to leadership.
Track and monitor IA Workforce Improvement Program (IAWIP) compliance :
Maintain and create SOPs as needed.
Maintain, create, and submit IA accreditation documentation (RMF and ATC packages).
Maintain RMF Authority to connect documentation and controls.
Maintain a tracking log for all Electronic Spillage activity across client's enterprise system.
Participate in Information Assurance (IA) strategic planning activities, evaluating services provided to the Enterprise, including the assessment of security risks, preparing responses to security related data calls and supporting Certification and Accreditation activities, including tracking Plan of Action and Milestone tracking.
Apply federal government security policies and patches.
Maintain Agency public key infrastructure system.
Implement security designs in hardware, software, data and procedures.
Andworx is an Equal Opportunity Employer and provides equal employment opportunity to all individuals regardless of their race, color, creed, religion, gender, age, sexual orientation, national origin, disability, veteran status, or any other characteristic protected by state, federal, or local law.
Employment decisions are based solely on qualifications, merit and business need.