Information Assurance Systems/Network Specialist

Title: Information Assurance Systems/Network SpecialistBelow, you will find a complete breakdown of everything required of potential candidates, as well as how to apply Good luck. Duration: Full Time Permanent The Information Assurance Systems/Network Specialist will provide technical cybersecurity and Assessment and Authorization (A&A) support for NS3, including the implementation of security standards, risk analysis, and vulnerability management. The contractor will oversee security processes, ensure compliance with industry standards, and collaborate with stakeholders to maintain secure and functional information systems. Key Responsibilities: Security Requirements & Compliance: Develop and implement information assurance and security standards, procedures, and policies. Perform risk and vulnerability assessments for systems, ensuring compliance with security requirements. Oversee the A&A process and manage Authorization to Operate (ATO) renewals and annual security reviews. Apply security features and procedures to government and commercial systems, ensuring compliance with FISMA and NIST guidelines. Perform vulnerability/risk analysis across all phases of the system development lifecycle, including critical patch management and remediation. System Security Management: Conduct network vulnerability scans and remediation based on a predefined schedule or as requested. Manage and mitigate security threats, including patching software and addressing security breaches. Continuously monitor and update security tools, encryption techniques, and other system components. Establish and enforce risk and security guidelines for the organization. Configuration & Change Management: Develop and implement change management policies and procedures, including managing a Change Control Board (CCB) and related processes. Perform configuration management for software, hardware, and documentation. Maintain communication with stakeholders to manage project scope, expectations, and process improvements. Risk Management Framework (RMF): Implement the RMF in accordance with NIST standards. Develop and update Plan of Action and Milestones (POA&M) to address identified vulnerabilities. Manage system accreditation packages and ATOs using the DISA Enterprise Mission Assurance Support Service (eMASS) tool. Document cyber security risks and create formal risk assessments. System Monitoring & Reporting: Monitor and audit system and network activities, identify vulnerabilities, and recommend security improvements. Document existing and proposed information architecture, including compliance and security issues. Provide other reports and documentation as required by stakeholders. Deliverables: Other Reports & Documentation: Provide any necessary reports, documentation, or materials related to this task, using government-approved templates. Security & Clearance: Required: Active Top Secret clearance with eligibility for Sensitive Compartmented Information (SCI) access. Certifications: Must hold one of the following DoD-level III Security professional certifications: CISA, GIAC GCIH, GIAC GSE, GIAC GLSC, SCNA, CISM, CISSP, or CISA. Experience and Education: Experience: Minimum of 6 years of related experience. Education: Bachelor's Degree and at least 4 years of experience in a related field.

Created: 2025-03-06