Haystack LLC is seeking an Information Assurance Specialist for a full-time opportunity with our direct client in Albuquerque, NM.
The Information Assurance (IA) Specialist is a Subject Matter Expert who has experience in providing knowledge, techniques and/or capabilities related to system IA, Assess and Authorize (A&A) (formerly Certification and Accreditation), documentation, security testing and vulnerability remediation. The position supports the Assess and Authorize (A&A) process for administering the DoD (Department of Defense) Risk Management Framework (RMF) program. Experience in managing IT or IA related projects that required extensive and simultaneous documentation and coordination across multiple customers is needed.
DoD 8570 IAM Level II or higher baseline certification is required (see below).
Active Top Secret clearance required.
- Analyze complex network and IA systems in unclassified and classified environments for compliance with DoD and industry best practices security configuration requirements
- Knowledge and experience in the certification and accreditation processes involving the control families for the Risk Management Framework (RMF) and with eMASS.
- Performance of A&A workflow in accordance with RMF requirements, preparation of system related RMF artifacts, system security engineering, preparation of security test plans and their execution, remediation of system vulnerabilities, and preparation of IA documentation including PPS matrix, POA&M and system security plans.
- Writing Standard Operating Procedures (SOP), COOP, Configurations, and other documentation in support of RMF as required.
- Provide technical evaluation of proposed system(s) and application approaches
- Validation of Information Assurance (IA) Controls
- Maintain an awareness of trends within the Technology Industry
- Bachelor’s degree in a Business Management or MIS related field preferred, or experience in lieu of degree; High School diploma required if no existing higher education diplomas
- DoD 8570 IAM Level II (CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, or CCISO) required
- CASP+ CE, CISSP (or Associate), or CSSLP preferred
- 3-5 years of progressively responsible IT security consulting experience including recent experience with RMF.
- Experience with Defense Information Systems Agency (DISA) STIG Toolset & SCAP
- Experience with DISA Command Cyber Readiness Inspections (CCRI)
- Technical experience or understanding of the following areas: Network Infrastructure (Cisco/Juniper), Microsoft Windows Server 2008, 2012, and 2016, UNIX/Linux (SUN/RedHat), Windows 7/10, and database (Oracle/MS SQL 2005+).
- Individual must have a high degree of skill with the MS Office toolsets.
- Strong verbal and written communication skills as well as the ability to work independently as required.
- Must possess refined critical thinking skills; should be a self-starter who may direct the activities of other team members, and be diplomatic, multi-task capable, adaptive to a dynamic environment, dependable and reliable.
- Prior experience in a government consulting services environment is required.
- Active Top Secret security clearance required.