- Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies.
- Validates and verifies system security requirements definitions and analysis and establishes system security designs. Assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Reviews certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content.
- Assists architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions. Supports the building of security architectures. Enforces the design and implementation of trusted relations among external systems and architectures.
- Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements. Builds IA into systems deployed to operational environments.
- Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) process, the NIST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for security engineering.
- A Bachelor’s Degree. Advanced Degree with concentration in Information Security or Cyber Security preferred.
- Minimum 5 years' experience, including Retina and ACAS.
- Must be Information Assurance (IA) Trained and Certified per the Defense Federal Acquisition Regulation Supplement IAW DoD 8570.1-M, Change 2, and the Army Information Assurance (IA) Training and Certification Best Business Practice. IAM Level III: CISM, CISSP (or Associate), or GSLC.
- Enterprise Mission Assurance Support Service (eMASS) capability.