Information Assurance/Security Specialist Journeyman
US-MD-Patuxent River | US-MD-Patuxent River
3 months ago(2/26/2020 12:09 PM)
TMR, Inc. seeks an Information Assurance/Security Specialist (Assessment and Authorization Validator) to provide support services to the Naval Air Cyber Security Division
Perform comprehensive security assessments using the Risk Management Framework (RMF).
Utilize knowledge of Confidentiality, Integrity, and Availability Levels and National Institute of Standards and Technology (NIST) Special Publication 800-53 controls associated with each level.
Analyze IA systems in unclassified and classified environments for compliance with National Institute of Standards and Technology (NIST), Navy security configuration requirements, and industry best practices.
Responsible for documentation review, reading over policy and procedures, SOPs, and previous accreditation documents; compile and generate deliverables (RMF scorecard, findings, risk and mitigation recommendations), and post those deliverables to the customer (email, and e-MASS).
Review Information Assurance Controls with the customer for specific applicability and compliancy.
Prepare and review program documentation to include Risk Assessment Reports, Accreditation Packages, and security policy guides.
Experience performing comprehensive security assessments using the Risk Management Framework (RMF).
Must obtain Navy Qualified Validator (NQV) certification within 2 weeks of starting.
Experience analyzing Information Assurance systems in unclassified and classified environments for compliance.
Experience in planning, analyzing, documenting, and reporting activities associated with the system security assessment and authorization (A&A) process.
Experience with program security and information systems security best practices.
Familiarity with security accreditation process.
Expertise in DCID 6/3, ICD 503, and NIST 800-53 policies and implementations.
Knowledge of NIST, CNSS, DoD, and Army/Navy policies, regulations, and guidelines.
DoD 8570 Compliant Certification (minimum IAM level I).
Active Top Secret Clearance is required.
Expert Knowledge of Risk Management Framework (RMF), NIST Cybersecurity Framework, NIST Special Publication 800-53, and DoD Instruction 8500.01.
Demonstrated experience in the implementation of DISA Security Technical Implementation Guides, Assured Compliance Assessment Solution (ACAS) scans, Security Content Automation Protocol (SCAP) Compliance scans, Plan of Action and Milestones (POA&M), and Risk Assessment Report (RAR).
Ability to multi-task in a deadline-oriented environment across several projects and teams.
Excellent communication, organization, and time management skills.
Excellent technical writing skills.
Must be detail oriented and service oriented.
Ability to be flexible.
Intermediate-level expertise in MS Excel, Word, PowerPoint, and Visio
Technical and Management Resources, Inc. is an Equal Opportunity Employer and does not discriminate with regard to race, color, religion, sex, age, national origin, disability, or Vietnam veteran status. This policy affirms TMR’s commitment to the principles of fair employment and the elimination of discriminatory practices. We encourage all employees to take advantage of opportunities for promotion as they occur.