|Date Posted||November 21, 2019|
Job Title: Sr. Information Assurance Specialist
Job Location: Quantico, VA
Overview: Abacus Technology is seeking a Sr. Information Assurance Specialist to provide technical support for the U S Air Force Office of Special Investigations (AFOSI) in Quantico. This is a full-time position.
Major Duties & Responsibilities: Build, coordinate, maintain, change, and keep updated, the Risk Management Framework (RMF) Assessment and Authorization (A&A) packages for the five enclaves administered by AFOSI. Develop and complete System Security Documents in accordance with the DoD Information Assurance Certification and Accreditation (DIACAP) Process. Draft, develop and monitor policy for the IT Enterprise Cyber Surety Division relating to the compliance, validation and assessment of the four networks (NIPRNET, SIPRNET, SAPnet and JWICS) and Major Information Technology Systems (MITS). Maintain and update HQ's AFOSI database for assessing/managing risk, and authorizations for all AFOSI data networks, and maintain and monitor progress of AFOSI assigned IT personnel's progress in maintaining compliance with the Federal Information Security Management Act, Intelligence Community, and DoD compliance requirements. Implement IA controls and assist AFOSI customers with the implementation on IA controls where the IA controls fall outside of the contractor’s area of responsibility. Continuously monitor for control compliance and take immediate actions to bring systems into compliance. Implement and maintain the AFOSI DMZ and boundary control devices. Implement and maintain PKI requirements for AFOSI. Conduct Computer Network Defense (CND) actions, and Computer Network Exploitation (CNE) enabling activities. Defend against unauthorized activity within computer networks including monitoring, detection, analysis (such as trend and pattern analysis), and response and restoration activities. Utilize computer networks to gather data from internal target or adversary information systems or networks in support of operations and intelligence collection capabilities. Determine the attribution and actions taken through the use of computer networks that result in an actual or potentially adverse effect on an information system and/or the information residing therein to develop incident response plans using forensically sound methods and procedures. Ensure that all application deliverables comply with the DISA Application Security & Development and Database STIG, which includes the need for source code scanning and a Web Penetration Test to mitigate vulnerabilities (including as examples, SQL injections, cross-site scripting, and buffer overflows). Ensure successful implementation and tracking of all Network Tasking Orders (NTO), Maintenance Tasking Orders (MTO), Time Compliance Network Orders (TCNO), NOTAM, Time Compliance Technical Order (TCTO), Data Call Orders (DCO) for the systems included in the five AFOSI enclaves identified within this PWS. Review current CCRI requirements and ensure systems and their operations are compliant. Perform self-inspections every nine months and routinely as needed.
Qualifications: 10 years experience in cyber security and information assurance. Bachelor’s degree in a related field desired. Must be CISSP or CEH certified. Familiar with DIACAP, Risk Management Framework (RMF), STIGs, and IA Controls. Experience with development/architecture for apps and services, and testing and administration. Strong knowledge of Microsoft Windows technologies, including Active Directory, Windows Administration, scripting, and Windows configuration techniques. Basic Linux experience to include Red Hat and Fedora. Networking experience including routers, switches, and firewalls. Experience with Cisco and Juniper. Strong desktop application administration experience to include Microsoft Office, web browsers, and anti-virus applications. Must be detail oriented and possess the ability to work in a multi-disciplined environment with an adaptive personality. Excellent communication skills, both oral and written. Analytical skills to troubleshoot IA issues. Must be able to apply intensive and diverse knowledge to problems and make independent decisions. Must be a team player able to work professionally and collaboratively with the government customer and other contract members of the project team. Excellent written and verbal communication skills and a client focus. Must be a US citizen and hold a Top Secret clearance.
Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.