Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Information Assurance / Security Specialist

Diverse Systems Group LLC

Job Description

Job Description

Description:

Overview:

Diverse Systems Group, LLC is seeking an Information Assurance Specialist to support Walter Reed National Military Medical Center (WRNMMC)’s system security authorization processes in compliance with the Department of Defense (DOD) and Defense Health Agency (DHA)’s NIST RMF related policies and requirements.

Job Summary:

  • Lead and perform Defense Health Agency (DHA)-specific Risk Management Framework (RMF)-related tasks throughout all stages of a system’s lifecycle to include:
  • stakeholder engagement and development of A&A or Threat Management Team project plans
  • preparation and maintenance of FIPS-199 system security categorization,
  • preparation and maintenance of FIPS-200 system security controls exceptions,
  • performance of risk assessments,
  • analysis of risk remediation and mitigation options and strategies,
  • development, review, and submission of Assessment & Authorization (A&A) system security packages,
  • selection and documentation of applicable NIST 800-53 rev. 4 security controls in systems’ Security Controls Traceability Matrices (SCTM),
  • collection, development, and analysis of NIST 800-53 rev 4-related security controls artifacts,
  • participation in and organizational oversight of Independent Verification & Validation (IV&V) activities,
  • development of and status tracking for Plans of Action & Milestones (POA&M),
  • performance of Continuous Diagnostics and Monitoring (CDM)-related activities, and
  • status tracking and reporting to leadership and organizational stakeholders.
  • Supports the year-round work of maintaining security posture to meet DoD RMF requirements.
  • Manage system security packages in DOD Enterprise Mission Assurance Support System (eMASS) throughout system authorization cycles, to include:
  • system registration
  • uploading and maintenance of system security packages,
  • Plans of Action & Milestones (POA&M) entry and tracking, and
  • system decommissioning.
  • Conduct and technology assessments, reviews, and technical inspections to identify and mitigate potential security weaknesses and to ensure all applicable security features and functionality are implemented and function as intended and required.
  • Work in partnership with System and Network Administrators to perform self-assessment and hardening of workstations, servers, network devices, and clinical devices to include application of Secure Technical Implementation Guidelines (STIG) and running hardening and security artifact collection scripts and Security Content Automation Protocol (SCAP) and Assured Compliance Assessment Solution (ACAS) scans.
  • Develop and maintain cybersecurity-related training materials and delivery of training for users and System Administrators (SA).
  • Possess and maintain comprehensive understanding of federal security regulatory requirements and security frameworks including DoD/DHA IT Security and IA policies, RMF, NIST SP 800-series, FISMA, FIPS, FedRAMP, policies, directives, and publications etc.
  • Proactively maintain awareness and understanding of current and emerging threats and vulnerabilities and their potential impact on organizational mission accomplishment, patient safety, and security of patient data.
  • Apply security patches, IAVAs, STIGS, and updates for all assigned systems
  • Provide support for the escalation and communication of status to agency management and internal customers and clearly communicate technical information to both technical and non-technical personnel
  • Implement and manage disaster recovery and COOP plans, systems, and operations.
  • Works collaboratively with team to ensure the following; Maintenance of baseline system security according to organizational policies, cyber threats and vulnerabilities are mitigated, and information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, and encryption) are adhered to.
  • Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
  • Maintain thorough understanding of NIST 800-53 controls, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM).
  • Oversee the monitoring and resolving Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.
  • Ensures technical system documentation required for A&A packages are complete and clearly supports validation and ATO in accordance with system security requirements.
  • Performs comprehensive A&A tasks including package development, controls analysis, risk assessment, contingency planning, security test & evaluation, risk mitigation analysis, and technology assessments.
  • Utilizes application NIST and FIPS standards and guidance documents to register and complete accreditation packages in the DISA eMASS system.
  • Leads the RMF accreditation lifecycle for assigned systems from cradle to grave, managing stakeholder engagement, lifecycle progression, schedule development, accreditation package review, submission and validation.
  • Maintains and supports current and ongoing A&A packages to ensure an uninterrupted delivery of information technology systems for the organization.
  • Creates, manages, and maintains setup documentation and security policies for compliance and accreditation purposes for all programs, projects, including SOPs, Policies, Procedures, Plans, guidelines, checklists, presentations, training guides, etc… in alignment with the DOD/DHA IT organizational cybersecurity needs or in accordance with RMF guidelines.
  • Reports on assessment process status, participates in Independent Verification & Validation (IV&V) activities, conducts/oversees IV&V testing as required, and assists system certifiers during evaluations.
  • Reviews regulatory security policies, as well as best practices, and develop the technical solution required in order to implement those requirements on servers, routers, firewalls and other LAN/WAN equipment.
  • Works with System and Network Administrators to monitor the security posture of all networked systems and applications and take appropriate steps to quickly deal with any vulnerabilities.
  • Provides system, network, security engineering expertise and guidance for all aspects of information assurance, including those systems required to meet DoD regulations and requirements.
  • Manages the cybersecurity program to minimize risk and exposure across projects.
  • Oversee a team performing self-assessment and hardening of system servers, applying STIGs, SCAP and ACAS scans, and other scripts
  • Comprehensive understanding of DoD MHS services and programs, and other usability standards, as well as user interface design methodologies.
  • Other duties assigned as related to the Cybersecurity Division.

Supervisory Responsibility: No

Requirements:

Skills & Abilities:

  • Knowledge and experience with DOD RMF A&A artifacts, network architecture, network and security management and monitoring tools and penetration test tools.
  • Experience with deploying & hardening Windows Server 2012 R2, Server 2016, Server 2019
  • Experience with PowerShell, Tanium, SCAP, NMAP, SQL Developer, Forescout, and/or Splunk
  • Large Enterprise-level IT experience with maintenance of servers, storage devices and applications
  • Strong problem solving and critical thinking skills.
  • Strong planning & organizational skills.
  • Strong verbal and written communication skills to include delivery of presentations and communication of technical concepts to non-technical personnel that may span organizations and functional groups.
  • Strong verbal and written communication skills to include delivery of presentations and communication of technical concepts to non-technical personnel that may span organizations and functional groups.
  • Strong problem solving and critical thinking skills.

Education/Experience:

  • 5+ years of technical experience related to system and / or network administration and / or cybersecurity operations.

Certification(s):

  • Minimum certification level of CompTIA Security+ CE or equivalent certification required in accordance with DoDI 8140 / DoDD 8570 requirements (IAM/IAT Level 2)
  • CISSP, CAP, CYSA, CISM, MSCE or equivalent certification required.

Clearance:

  • DOD Secret security clearance required.

Nice to have:

  • Four-year college degree in Cybersecurity, Information Technology, Computer Information Systems, Computer Science, Computer Engineering, or equivalent. (Additional years of experience may serve in lieu of a degree)
Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Information Assurance / Security Specialist in Bethesda, MD vacancy
  •  ...Experience the difference, and let’s talk about your future at Systems Plus today. Position Details Position Title Information Assurance/Security Specialist - Level II-Charleston Position Type Full Time, Onsite Position Location Charleston,SC Tracking Code 01126... 
    Suggested
    Full time
    Contract work
    For contractors
    Worldwide

    Systems Plus, Inc.

    Rockville, MD
    19 hours ago
  • $84 - $93 per hour

     ...Information Assurance And Security Specialist Short Description: Information Assurance and Security Specialist – Master Hybrid position - will require on-site reporting to OCIO office Duties: Identify network problems, and recommend improvements to ensure optimal... 
    Suggested
    Hourly pay
    Work at office
    Work from home
    Flexible hours

    AHU Technologies, Inc.

    Washington DC
    2 days ago
  •  ...Job Description Job Description Description: Overview Diverse Systems Group, LLC is seeking an Information Assurance/Security Specialist to play a pivotal role in safeguarding the integrity, confidentiality, and availability of information systems and data within... 
    Suggested

    Diverse Systems Group LLC

    Bethesda, MD
    10 days ago
  • Information Assurance (IA) / Security Compliance Specialist This position is in anticipation of contract award and is contingent upon successful contract award. Applicants will be contacted regarding employment opportunities upon award notification. 5+ years Federal IA... 
    Suggested
    Contract work

    Blue Rose Consulting Group

    Washington DC
    1 day ago
  •  ...Previous Candidates need not reapply. The Information Technology Department (ITD) at the IMF...  ...the IT department, the Information Security and Governance (ISG) division and other...  ...Senior Security Analyst (Cloud Security Assurance) position. Under the general supervision... 
    Suggested

    SwiftCruit

    Washington DC
    3 days ago
  • ## Information Systems Security SpecialistApplylocations: Arlington, VAtime type: Full timeposted on:...  ...seeking an Information Systems Security Specialist to support this critical customer...  ...as part of a team of Information Assurance professionals to manage the full Risk... 
    Temporary work
    For contractors
    Work at office
    Immediate start
    Remote work

    Nightwing Group

    Arlington, VA
    19 hours ago
  •  ...celebrating 26 years of excellence— is seeking a Senior Information Systems Security Specialist to Join our Team in Washington, DC. At ICI Services,...  ...responsible for supporting all aspects of a Program Information Assurance (IA) processes tailored to include minimum... 
    For contractors

    International Executive Service Corps

    Washington DC
    4 days ago
  • Sr. Security & Compliance Specialist - TS Clearance Full-time SVD Solutions is focused on providing comprehensive Information Security/Assurance advisory services to Senior Executives of government and commercial organizations. We are an intelligence-driven management... 
    Full time
    Work experience placement
    Work at office
    Immediate start
    Remote work

    SVD Solutions

    Washington DC
    1 day ago
  •  ...companies and recruiters to obtain personal information from job seekers. Please be vigilant...  ...sensitive information such as Social Security numbers or bank details during the initial...  ...complete the DOS Protective Security Specialist Basic and Quick Reaction Force training... 
    Local area
    Worldwide
    Overseas
    Long distance

    Janus Global

    Alexandria, VA
    1 day ago
  •  ...Olgoonik is an Equal Opportunity Employer Overview: The Security Specialist works with the Bureau of Diplomatic Security. Familiar with all aspects of industrial security, information security, operational security, communications security, and security policy... 
    For contractors
    Work at office
    Local area

    Olgoonik Corporation

    Washington DC
    19 hours ago
  •  ...Summary You will serve as an INFORMATION SECURITY SPECIALIST within the NAVAL HISTORY AND HERITAGE COMMAND. Learn more about this agency Duties Help You will review, analyze, and resolve difficult and complex security problems, provide guidance... 
    Permanent employment
    Full time
    Part time
    Interim role
    Work at office
    Local area
    Immediate start
    Relocation

    Department of the Navy (Agency Wide)

    Washington DC
    19 hours ago
  •  ...Information Security Specialist Overview: We are seeking an experienced Information Security Specialist to support DoD CIO cybersecurity and risk management initiatives. This role focuses on conducting threat and risk assessments of enterprise systems, infrastructure... 
    Immediate start
    Flexible hours

    Novul Solutions

    Arlington, VA
    1 day ago
  • Overview Job Location: Arlington, VA 22202 Position Type: Full Time Position title: Information Security Specialist (INFOSEC) Location: Arlington, Virginia Clearance required: SECRET Responsibilities Information Security (INFOSEC) Program Support: Review proposed publications... 
    Full time
    Contract work
    Work at office

    People Technology & Processes LLC

    Arlington, VA
    9 hours ago
  • $114k - $120k

    Overview LMI is seeking a Security Specialist who will provide security administrative expertise for our government customer in specialties such as Physical, Information, and Industrial Security. The position will be primarily located at the Pentagon. This position requires... 
    Contract work
    For contractors
    Shift work

    LMI Government Consulting

    Arlington, VA
    1 day ago
  • Security Specialist I - III Lexical Intelligence provides software and services related to processing large-scale biomedical information sources. Our Natural Language Processing (NLP) and analytics...  ...or lead secure coding quality assurance activities in accordance with... 
    Contract work
    Temporary work
    For contractors
    For subcontractor
    Work at office
    Local area

    Lexical Intelligence

    Bethesda, MD
    19 hours ago
  • Koniag Information Security Services, LLC is seeking a Personnel Security Specialist in Arlington, VA to support personnel security for the Department of Defense. Responsibilities include managing security databases, developing SOPs, and ensuring compliance with security... 

    Koniag Information Security Services, LLC

    Arlington, VA
    4 days ago
  • $114k - $120k

    LMI Government Consulting is seeking a Security Specialist to provide expertise in physical, information, and industrial security. This role, based at the Pentagon, mandates an Active TS/SCI clearance, and requires extensive experience supporting government security needs... 

    LMI Government Consulting

    Arlington, VA
    1 day ago
  •  ...Summary Arlo Solutions (Arlo) is an information technology consulting services company...  ...Description: The Information Security Specialist III supports the National Oceanic and...  ...security, cybersecurity, and information assurance functions  ~ Develop research security... 
    Contract work
    For contractors
    Work at office

    Arlo Solutions LLC

    Silver Spring, MD
    more than 2 months ago
  • $80k - $110k

    Alvarez & Marsal Deutschland GmbH is seeking an experienced AI/ML Security professional in Washington, D.C. The role involves leading AI...  ...include 3+ years in AI development, expertise in information security, and proficiency in tools like TensorFlow, Docker, and... 

    Alvarez & Marsal Deutschland GmbH

    Washington DC
    9 hours ago
  •  ...safeguarding classified and sensitive information from foreign and domestic threats. This...  ...opportunity to contribute to national security through cutting-edge technical and security...  ...roles.The Mid-Level Technical Security Specialist (MTSS) provides technical expertise and... 
    Contract work
    For contractors
    Traineeship

    Mayvin®

    Alexandria, VA
    1 day ago
  •  ...safeguarding classified and sensitive information from foreign and domestic threats. This...  ...opportunity to contribute to national security through cutting‑edge technical and security...  ...roles. The Junior Technical Security Specialist (JTSS) provides technical expertise in... 
    Contract work
    Traineeship

    Mayvin®

    Alexandria, VA
    3 days ago
  • $141.5k - $236k

    Join ManTech International as a Senior Information System Security Officer (ISSO) in Washington, DC, focusing on national security. You will oversee essential security practices, manage risks, and ensure compliance with the federal standards for system authorization. Ideal... 

    ManTech International

    Washington DC
    2 days ago
  • Sr IT Security/Vulnerability Management Specialist AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance...  ...team. In this role, you will work closely with the Information Systems Security Officer (ISSO) and play a critical... 
    Work experience placement
    3 days per week

    AAC

    Bethesda, MD
    4 days ago
  • $85k - $115k

     ...Complete incident reports to document all Security/Loss Prevention related incidents....  ...and property reports/documents; release information only to authorized individuals. Conduct...  ...reach common goals. Comply with quality assurance expectations and standards. Stand, sit,... 
    Full time
    Work experience placement
    Shift work

    TryApplyNow

    Bethesda, MD
    4 days ago
  • $129.99k - $149.48k

     ...confidentiality, integrity, and availability of information that supports federal programs and...  ..., and compliance helps organizations securely deliver impactful services? Job...  ...Effect is seeking 2 highly skilled Security Specialists to support our client’s mission by... 
    Full time
    Work at office
    Remote work
    Flexible hours

    Ripple Effect

    Bethesda, MD
    3 days ago
  •  ...vacancy is for a GS-0080-13, Physical Security Specialist located in the Department of Homeland Security, U.S. Coast Guard, MISSION ASSURANCE DIVISION -CG-SPM-1 in WASHINGTON, District...  ..., and coordinating briefings and information exchange opportunities. Preparing reports... 
    Full time
    Part time
    Work at office
    Flexible hours

    U.S. Coast Guard

    Washington DC
    3 days ago
  • $88.4k - $154.7k

     .... Job Description Parsons is looking for a talented Physical Security Specialist (PhySS) to join our team! In this role, you will design and maintain security measures for Sensitive Compartmented Information Facilities (SCIFs) and ensure compliance with federal standards... 
    Flexible hours

    Dormont Manufacturing Company

    Bethesda, MD
    2 days ago
  • Physical Security Specialist This vacancy is for a Physical Security Specialist located in the Department of Homeland Security, U.S. Coast Guard, MISSION ASSURANCE DIVISION -CG-DCMS-341 in WASHINGTON, District of Columbia.

    US Government Jobs

    Washington DC
    2 days ago
  • $62k - $141k

     ...Job Number: R0242263 Systems Security Analyst The Opportunity:...  ...your skills and knowledge to inform strategies and help mitigate...  ...decisions. As a cyber threat specialist on our team, you'll be trusted...  ...authorization reviews and assurance case development for the initial... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    Arlington, VA
    4 days ago
  • $69.4k - $158k

     ...will safeguard our nation? As a systems security & network security engineer, you can...  ...Have 1+ years of experience as an ISSO or Information System Security Analyst (ISSA) 1+ years...  ...security authorization reviews and assurance case development for the initial installation... 
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    Alexandria, VA
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Information Assurance / Security Specialist. Be the first to apply!