Smartronix Senior Information Assurance Specialist in Patuxent River, Maryland
Senior Information Assurance Specialist at Smartronix (View all jobs) (https://www.smartronix.com/careers/index.html)
Patuxent River, MD
We are looking for a Senior Information Assurance Specialist professional to support US Navy programs NAWCTSD Orlando.
Qualified candidate must be familiar with DoD RMF and FISMA and the relevant guidance issued by agencies and the National Institute of Standards and Technology (NIST) including: NIST Special Publication (SP) 800-37, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-30, and NIST SP 800-18. The candidate should have a solid understanding of operating system and networking security, IT system policies, and Security Assessments and Authorizations (SA&A) and knowledge with supporting Defense department customers with securing information systems and maintaining authorizations.
Duties & Responsibilities:
Providing support to Navy programs to develop and conduct Assessment & Authorization (A&A) and Life Cycle Management documentation of systems and/or networks.
Assist with the development and maintenance of all necessary A&A documents for achieving either PIT Risk Approvals (PRA) or Authority To Operate (ATO).
Provide coordination, tracking, and management through all aspects of the A&A process for the PM for the purpose of bringing Systems into compliance with applicable laws, orders, directives, and instructions.
Ensure and maintain IAVA and STIG compliance and review all change requirements of the systems.
Perform assessments of new technologies being implemented at the various stages of the Systems Engineering Lifecycle.
Evaluate and review proposed architectures, and designs within the current and future system design. Determine how to correctly remediate and mitigate system vulnerabilities. An automation-focused approach should be used when remediating systems.
Review, prepare, and update Navy authorization packages
Advise the Program Manager and other program stakeholders regarding cybersecurity matters, including change control, Information Assurance Vulnerability Management (IAVM), and DoD, DoN, and NAWCTSD policy
Notify customer when changes occur that might affect authorization
Perform security self-assessment, using the DISA Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP) and the Assured Compliance Assessment Solution (ACAS)
Perform Independent Assessments as a Navy Qualified Validator (NQV), including developing the Security Assessment Plan (SAP), validating the program Self-Assessment, using the above-mentioned tools, and completing the Security Assessment Report (SAR)Develop system-level policy documentation to address NIST control requirements
Develop system-level policy documentation to address NIST control requirements
Required Skills and Experience:
Clearance Required: Secret SSBI
Must possess 5-7 years of experience with RMF and compliance activities (DoD RMF, DIACAP, FISMA, FedRAMP, PCI DSS, HIPAA)
Bachelors degree; or 5 years experience
DoD Cybersecurity Workforce (CSWF) IAT II certification (i.e Security + CE)
Active NQV II Credential
Strong written and oral communication skills.
Ability to work independently in a remote environment
Experience conducting assessments using STIGs
Working knowledge of Windows and Linux Operating Systems
Experience with ACAS, SCAP Scanners
Familiarity with Excel, Word, Visio and PowerPoint
NQV III Credential
Who we are
Smartronix, an OceanSound Partners company, delivers advanced solutions in digital modernization, cloud, cybersecurity, mission-focused engineering, systems integration and intelligence, surveillance, and reconnaissance (ISR) capabilities. The company provides expertise to design, manage and secure the world's mission critical enterprise solutions. We are a leading provider of next generation multi-cloud platforms to public sector and commercial markets leveraging most innovative global platforms. Headquartered in the Washington DC area, Smartronix has offices throughout the U.S. and has been positioned by Gartner as a Leader in its 2020 Magic Quadrant for Public Cloud Infrastructure Professional and Managed Services, Worldwide.
Who Are Our Employees
Our employees are encouraged to think big and collaborate every day. We ensure that each employee is not only aware of our strategic vision; they are a part of it. This is because we know that our employees are critical components to the company’s ever-growing success. Committed to ensuring the highest levels of customer satisfaction, Smartronix is structured around the programs and technologies we support to provide optimal and seamless operations. Due to our talented workforce, we have maintained a reputation for excellence, helping to assure the missions of our Department of Defense, Public Sector, Fortune 1000, and other Government and commercial customers.
Smartronix is committed to hiring and retaining a diverse workforce. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age, or genetic information. Selected applicant will be subject to a background investigation. Smartronix is an Equal Opportunity/Affirmative Action employer.