Location: Fort Belvoir, VA 22060
Clearance Required: Active Secret (Eligible for TS/SCI)
Job Description: The job of the Information Assurance Analyst is to provide guidance and expertise to the customer to ensure all Information Assurance policies, instructions, and directives are followed and maintained.
This includes, but is not limited to, the following areas of responsibilities:
Daily Tasks- Monitor and review Information Assurance Vulnerability Management (IAVM) notices to determine whether they apply to the Information Systems environment.
- Perform routine system vulnerability scans on all network attached devices utilizing Tenable Assured Compliance Assessment Solution (ACAS) and all its associated programs.
- Perform STIG scans of systems utilizing Evaluate-STIG.
- Import all Evaluate-STIG findings into STIG Manager for STIG tracking and reporting.
- Review, monitor, and report information being sent to the Security Event Management (SEM) for irregular or suspicious activity.
- Create work orders for relevant IAVM notices and vulnerability remediation to be carried out by the Information Technology Support Services (ITSS) team.
Implementation- Work with the ITSS team to maintain current and supported software versions on ACAS solution and the SEM.
Troubleshooting- Assist the ITSS team to research and remediate known and found system vulnerabilities.
Security- Comply with all Department of War (DoW) Information Assurance policies, instructions, and directives.
- Comply with all Department of the Air Force (DAF) Information Assurance policies, instructions, and directives.
- Perform TEMPEST inspections and drawings, as needed.
- Perform duties as an assigned Information System Security Officer (ISSO).
Documentation- Inspect and assist with correcting user folder documentation.
- Update and maintain TEMPEST drawings for all buildings.
- Review and update system(s) control documentation.
- Assist the ITSS team with the creation, updating, and enforcement of agency IT policies and procedures.
- Update and maintain documents for all ATO/ATC packages within eMASS and Xacta, as appropriate.
Skills / Qualifications- The ideal candidate will have a minimum of 3 years of Information Assurance experience.
- Must possess a minimum current adjudicated SECRET security clearance at time of start and be able to obtain and maintain a TS/SCI security clearance.
- Must possess a minimum current CompTIA Security+ ce certification at time of start. Other certifications may be accepted upon customer approval.
- Must have a good working knowledge in the use of the various Microsoft Office 365 suite of products. Microsoft Visio experience desirable.
- eMASS and Xacta experience desirable.
- ACAS (Tenable Security Manager, Nessus Scanner, and Windows Agent Manager) and SEM (SolarWinds Security Event Manager) experience desirable.
- Evaluate-STIG and STIG Manager experience desirable.
Additional Items- Must be able to lift 70lbs.
- Capable of working with minimal guidance.
- Some travel may be required to perform assigned duties.
