Job description

Information Assurance Analyst, Rosslyn, VA
***This position requires an active SECRET clearance*****
**
*SUMMARY*
The Information Assurance Analyst (IAA) will be responsible for the inventory, categorization, selecting security controls, and monitoring those security controls for the information systems in preparation of the Assessment and Authorization process for new and existing systems.
*Background:*
The Department of State (DOS), Overseas Buildings Operations (OBO), Information Resource Management (IRM) Division, Information System Security Officer (ISSO) is tasked with providing Information System Security services (i.e. Cyber Security, Information Assurance (IA), Information Security, Operation Security, and
Communication Security) for the bureau.
The OBO ISSS team will support across four separate environments: DoS Open Net, DoS Class Net, Cloud Service Providers (Azure, AWS, ServiceNow), and externally hosted applications. The OBO ISSO team will assist in establishing an information systems security program for the bureau that protects the organizations information assets by addressing threats to the information being processed, stored, or transmitted by the bureau’s users, application information systems, and general support systems.
The goal is to strengthen the OBO Information/Cyber Security posture through the following objectives:
*

• Development of an Information System Security Program

• Independently assess application information systems and general support systems for authorization

• Enhance information security continuous monitoring through adherence of existing annual information system security activities as well as the deployment and operation of security tools

ESSENTIAL DUTIES AND RESPONSIBILITIES*
*

• Must have proficiency and understanding of FEDRAMP and the FEDRAMP process.
• Must be able to implement NIST guidance that is pertinent to Risk Management Framework.
• Conduct Plan of Action and Milestone review.
• Prepare A&A documentation to include the following:
• System Registration (in Departments inventory tool iMATRIX)
• System Categorization Form
• System Security Plan
• Information System Contingency Plan
• Privacy Impact Assessment
• Control Implementation
• Prepare the plan of action and milestones based on the findings and recommendations of the security assessment report excluding any remediation actions taken.
• Assist application and system developers with documenting control implementation.
• Conduct and coordinate annual control assessments and contingency plan tests.
• Must have understanding of Cloud Service Providers (Azure, AWS, ServiceNow).
• Provide Information Systems Security Architecture/Engineering support as required.
• Responsible for conducting interviews with application and system developers to document system operation.
• Have a high-level understanding of cloud computing (i.e., SaaS, IaaS, and PaaS).
• Builds weekly activity report and metrics slide.

SUPERVISORY/MANAGEMENT AUTHORITY*
None
*EDUCATION and/or EXPERIENCE*
*

• Bachelor's (Preferred) Bachelor's of Science (BS) in related technical area and minimum 4 years relevant experience.
• Additional 6 years of relevant experience may be considered in lieu of a degree.
• At least 3 years of experience working with the Risk Management Framework and documenting systems in that process.
• Must hold IT Security-related certifications.
• CompTIA networks
• CISSP, CISA, CISM, CAP, or any equivalent information assurance/security-related certification required.

KNOWLEDGE, SKILLS AND ABILITIES*
*

• Active Secret Clearance
• Must be a US citizen.
• Must be highly organized and have excellent oral and written communication skills.
• Ability to handle multiple tasks simultaneously.
• Ability to work independently.
• Must be proficient in current Microsoft Office Suite to include Outlook, Word, Excel, Visio, and PowerPoint
• Strong analytical/critical thinking and innovative problem-solving skills.
• Highly organized, extremely detail-oriented and able to multi-task in a fast-paced environment
• Excellent problem solving and communication skills; both oral and written
• The ability to successfully pass a drug screen and a federal background check is mandatory.
• Cherokee Federal employees are included as covered employees in U.S. Presidential Executive Order 14042, which mandates Covid vaccines for federal contractors. Executive Order 14042 is currently blocked from enforcement pending court proceedings. Therefore, Cherokee Federal is halting the application of the mandate; however, if the injunction is lifted, Cherokee Federal will restore administration of the vaccine requirement.

WORK ENVIRONMENT*
*

• This position is performed in a Work is performed in a federal office environment.
• The position is available for at least 60% telework; however, the government client has the discretion to require employees on site as necessary.

*
**
*

Job Type: Full-time

Pay: $120,000.00 - $130,000.00 per year

Benefits:

• 401(k)
• Dental insurance
• Flexible schedule
• Health insurance
• Paid time off
• Tuition reimbursement
• Vision insurance

Schedule:

• 8 hour shift
• Monday to Friday

Security clearance:

• Secret (Required)

Work Location: In person

laviolettawines.com.au is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, laviolettawines.com.au provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, laviolettawines.com.au is the ideal place to find your next job.