Information Assurance Security Specialist

Vienna, VA 22102

Posted: 06/03/2019 Industry: Information Technology Job Number: 553

Requirements: Bachelor’ s degree, active Secret (or higher), (that means US Citizens only) A&A experience as it relates to cyber security, information assurance, or IT. Certified Authorization Provider (CAP) certification or obtained within 90 days of hire. 
 
Reports to:   A&A Task Lead 
 
Clearance Level Required: Secret 

Work Location: Vienna Virginia
 
Recommended: Bachelor’ s Degree in related field, 5 years’ experience, CISSP or other IT and security-related certifications.

 
Information Assurance Security Specialist (IASS): IASS functions as an information system security subject matter expert (SME) on FISMA, NIST standards and guidelines, Privacy Act, HIPAA, E-Gov, OMB Circulars A-11 and A-130, and Clinger-Cohen as they apply to data and application security. The IASS is responsible for Assessment and Authorization (A&A) activities for Consular Affairs / Consular Systems and Technology (CA/CST) automated information systems (AIS) and provides A&A support for domestic and oversea deployed systems. In addition, the IASS tracks and reports status, and brings any obstacles that may impact the completion of the A&A to the attention of the A&A Task Lead and the Program Manager (PM) in a timely manner.   The IASS ensures that A&A packages are submitted to IA and follows up to ensure IA approval of each phase of the A&A process prior to systems’ Authorized to Operate (ATO) expiration date. The IASS daily function includes: 
 
Serves as the primary IASS lead for Visa, Passport, American Citizen Overseas or CA Support for # High, # Moderate, and # Low information systems and drives the overall A&A life-cycle process in accordance with the Department CA/CST System Development Life-Cycle (SDLC). IASS monitors the systems security posture via iPost. Analyzes production system configuration change requests (CCR) of existing systems to determine security impact using the Planned Change Comparative Analysis (PCCA) process, and initiates required actions to maintain security posture and authorization status. Conducts monthly POA&M meetings with Government Technical Managers (GTMs) and developers. Schedules and facilitates boundary meeting, A&A Kickoff meetings and POA&M findings meetings. Gathers required information to support system authorization by organizing technical working groups, conducting fact-finding interviews, attending system demo, assessing system security categorization (SCF) levels.

establishing system security control baseline, acting as a security advisor to the GTM during the security controls implementation. Develops, updates, and maintains the following security application documentation:  ? Security Categorization Form (SCF)? E-Authentication Form (eRA)? System Security Plan (SSP) 
 
Supports the Contingency Plan (CP) SME and Privacy Impact Assessment (PIA) SME in the development of the following security application documentation:? Information System Contingency Plan (ISCP)? Privacy Impact Assessment (PIA) 
 
Complete data calls in a timely manner which include but not limited to Quarterly POA&Ms data call. Reviews, monitors and reports POA&Ms status to all parties including PM, ISSP GTM, System GTM and System Development Team, and System Operation Teams. 
 
Provides guidance to System GTM and System developers as it related to the A&A process using both the National Institute of Standard and Technology (NIST) Special Publication (SP) 800 series and Department Foreign Affairs Manual (FAM) guidelines. Assists and advises System GTMs and System developers in the design and development of secure systems architecture as well as industry best practices and information systems technologies available to meet AIS security requirements.   
 
  

Mike Smith
Managing Principal

I have been a recruiting and business development professional for over 30 years, I have extensive experience in all aspects of recruiting, business development, management and corporate hiring strategies. I have worked with large corporations such as DigitalGlobe, GeoEye, TAC Worldwide and RCM Technologies as well as several startups such as CleverSource, SPADAC, TechWizards and DTRI, and that has given me a broad perspective of the different hiring processes and a wide range of experiences to draw from. I started my career in the Air Force as an Intelligence Analyst which gave me a foundation of analytical thinking, and team spirit supporting a mission I wholeheartedly cared about. I was born in to Foreign Service parents, and lived in many countries, which has also contributed to my professional and culutrualdevelopment. Nothing succeeds like success, and my goal is to always create an environment around me of can do spirit and to mentor others to achieve their potential.
Apply Online
Apply with LinkedIn Apply with Facebook Apply with Twitter

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.