Information Assurance Engineer

Overview

GovCIO is currently hiring a Information Assurance Engineer in support of the Air Force BlueSCI network. This position will be located in San Antonio TX and will be an on-site position.

Responsibilities

Designs, tests, and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessments and provides recommendations for application design. Involved in a wide range of computer security issues including architectures, firewalls, electronic data traffic, and network access. Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. Prepares security reports for government agencies.

• Performs a wide range of computer security duties, including architectures, firewalls, electronic data traffic, and network access.
• Participates in the certification and accreditation processes; performs technical vulnerability assessments of computer security.
• Provides business continuity and disaster recovery support.
• Engages in intrusion detection and prevention; provides incident reporting and response support.
• Conducts ongoing monitoring of computer security requirements and compliance, maintains system security plans and risk mitigation plans.
• Trains clients in proper computer security measures and prevention.

Specifically, this position will:

• Provide support for all vulnerability and compliance scan tool applications and modules (pre-built and customized).
• Develop workflows and customize, implement, and maintain the aforementioned applications.
• Develop and update standard operating procedures (SOPs) and provide training on existing and new technologies to Government personnel. This is informal office training.
• Provide process and operations guides.
• Provide technical support in the daily operations and evaluation of existing security tools, products, and future capabilities. Tools shall include, but are not limited to: Security Log Management, Account Management, Asset Management, Vulnerability Management, End Point Security, and any related network security tools. Current tool sets are: ArcSight, Directory Resource Administration (DRA), Automated Compliance Assessment Solution (ACAS), System Center Configuration Manager (SCCM), Tanium, Host Base Security System (HBSS) and Service Now.
• Maintain operational oversight and manage Command-level and privileged user accounts for the Enterprise using provided Enterprise tools.
• Prepare for and conduct customer briefings, attend, and provide minutes on Technical Exchange Meetings (TEMs), and provide status reports on cybersecurity activities.
• Develop information systems security studies and reports that address areas of information system security concerns. Ensure cybersecurity requirements are incorporated in system development and sustainment activities. Provide consultant services in all areas of information system security, including: physical, administrative, personnel, computer, operations, and industrial security. Provide security documentation and reports within specified timeframes.
• Monitor and report, IAW IC Directives and AF BluSCI policy, the status of security measures established by the Director of National Intelligence (DNI) and related authorizing officials that protect and defend information and information systems, web-based services, remote hosted applications, discovery, storage, operating systems, public key infrastructure (PKI), and other information technology components and applications for the Enterprise.
• Maintain cybersecurity, system security, and sustainment programs. The contractor shall follow all applicable ICD and National Institute of Standards and Technology (NIST) guidance in performing day-to-day duties.
• Create, edit, and review security accreditation and authorization packages for the AF BluSCI Enterprise. Adhere to the RMF process. Input data into appropriate A&A tool. The current toolset used is XACTA. Review logical network drawings, configurations, and control parameters to ensure they are current. Review documentation required to certify new hardware and software systems for deployment.
• Monitor and administer the vulnerability and compliance scan tool.
• Review AF BluSCI change proposals for security, interoperability, accreditation and authorization issues or vulnerabilities.
• Perform vulnerability and compliance assessments. Conduct security tests and evaluations. Monitor and review Information Assurance Vulnerability Alerts (IAVA) and Information Assurance Vulnerability Bulletins (IAVB).
• Track and provide results to appropriate Government entity for review IAW standard operating procedures.
• Monitor and report mandated Federal Information Security Management Act (FISMA) statistics for the AF BluSCI Enterprise.
• Provide quarterly report to appropriate Government entity in accordance with IC Directives and AF BluSCI policy.

Qualifications

• Clearance Required: TS/SCI
• High School with 6-9 years experience
• MUST have current one of these certifications: CGRC/CAP Or CASP+ Or CCSP OR CLoud+ Or SSCP Or GSEC
• Strong understanding of RMF workflow tools like eMASS or Xacta
• Strong working knowledge of programs working within AF JWICS network rules and guides
• Experience with network management tools, network engineering principles, network analysis
• Expert understanding of A&A process
• Possess an expert understanding of current computer security requirement and compliance
• Expert ability to maintain System Security and Risk Mitigation plans
• Excellent written/verbal communications skills

#NSS

#DL

Company Overview

GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.

But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.

Posted Pay Range

The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an "at-will position" and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.

Posted Salary Range

USD $115,000.00 - USD $125,000.00 /Yr.