Information Assurance / Security Specialist
Diverse Systems Group LLC
Job Description
Job Description
Description:
Overview:
Diverse Systems Group, LLC is seeking an Information Assurance Specialist to support Walter Reed National Military Medical Center (WRNMMC)’s system security authorization processes in compliance with the Department of Defense (DOD) and Defense Health Agency (DHA)’s NIST RMF related policies and requirements.
Job Summary:
- Lead and perform Defense Health Agency (DHA)-specific Risk Management Framework (RMF)-related tasks throughout all stages of a system’s lifecycle to include:
- stakeholder engagement and development of A&A or Threat Management Team project plans
- preparation and maintenance of FIPS-199 system security categorization,
- preparation and maintenance of FIPS-200 system security controls exceptions,
- performance of risk assessments,
- analysis of risk remediation and mitigation options and strategies,
- development, review, and submission of Assessment & Authorization (A&A) system security packages,
- selection and documentation of applicable NIST 800-53 rev. 4 security controls in systems’ Security Controls Traceability Matrices (SCTM),
- collection, development, and analysis of NIST 800-53 rev 4-related security controls artifacts,
- participation in and organizational oversight of Independent Verification & Validation (IV&V) activities,
- development of and status tracking for Plans of Action & Milestones (POA&M),
- performance of Continuous Diagnostics and Monitoring (CDM)-related activities, and
- status tracking and reporting to leadership and organizational stakeholders.
- Supports the year-round work of maintaining security posture to meet DoD RMF requirements.
- Manage system security packages in DOD Enterprise Mission Assurance Support System (eMASS) throughout system authorization cycles, to include:
- system registration
- uploading and maintenance of system security packages,
- Plans of Action & Milestones (POA&M) entry and tracking, and
- system decommissioning.
- Conduct and technology assessments, reviews, and technical inspections to identify and mitigate potential security weaknesses and to ensure all applicable security features and functionality are implemented and function as intended and required.
- Work in partnership with System and Network Administrators to perform self-assessment and hardening of workstations, servers, network devices, and clinical devices to include application of Secure Technical Implementation Guidelines (STIG) and running hardening and security artifact collection scripts and Security Content Automation Protocol (SCAP) and Assured Compliance Assessment Solution (ACAS) scans.
- Develop and maintain cybersecurity-related training materials and delivery of training for users and System Administrators (SA).
- Possess and maintain comprehensive understanding of federal security regulatory requirements and security frameworks including DoD/DHA IT Security and IA policies, RMF, NIST SP 800-series, FISMA, FIPS, FedRAMP, policies, directives, and publications etc.
- Proactively maintain awareness and understanding of current and emerging threats and vulnerabilities and their potential impact on organizational mission accomplishment, patient safety, and security of patient data.
- Apply security patches, IAVAs, STIGS, and updates for all assigned systems
- Provide support for the escalation and communication of status to agency management and internal customers and clearly communicate technical information to both technical and non-technical personnel
- Implement and manage disaster recovery and COOP plans, systems, and operations.
- Works collaboratively with team to ensure the following; Maintenance of baseline system security according to organizational policies, cyber threats and vulnerabilities are mitigated, and information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, and encryption) are adhered to.
- Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
- Maintain thorough understanding of NIST 800-53 controls, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM).
- Oversee the monitoring and resolving Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.
- Ensures technical system documentation required for A&A packages are complete and clearly supports validation and ATO in accordance with system security requirements.
- Performs comprehensive A&A tasks including package development, controls analysis, risk assessment, contingency planning, security test & evaluation, risk mitigation analysis, and technology assessments.
- Utilizes application NIST and FIPS standards and guidance documents to register and complete accreditation packages in the DISA eMASS system.
- Leads the RMF accreditation lifecycle for assigned systems from cradle to grave, managing stakeholder engagement, lifecycle progression, schedule development, accreditation package review, submission and validation.
- Maintains and supports current and ongoing A&A packages to ensure an uninterrupted delivery of information technology systems for the organization.
- Creates, manages, and maintains setup documentation and security policies for compliance and accreditation purposes for all programs, projects, including SOPs, Policies, Procedures, Plans, guidelines, checklists, presentations, training guides, etc… in alignment with the DOD/DHA IT organizational cybersecurity needs or in accordance with RMF guidelines.
- Reports on assessment process status, participates in Independent Verification & Validation (IV&V) activities, conducts/oversees IV&V testing as required, and assists system certifiers during evaluations.
- Reviews regulatory security policies, as well as best practices, and develop the technical solution required in order to implement those requirements on servers, routers, firewalls and other LAN/WAN equipment.
- Works with System and Network Administrators to monitor the security posture of all networked systems and applications and take appropriate steps to quickly deal with any vulnerabilities.
- Provides system, network, security engineering expertise and guidance for all aspects of information assurance, including those systems required to meet DoD regulations and requirements.
- Manages the cybersecurity program to minimize risk and exposure across projects.
- Oversee a team performing self-assessment and hardening of system servers, applying STIGs, SCAP and ACAS scans, and other scripts
- Comprehensive understanding of DoD MHS services and programs, and other usability standards, as well as user interface design methodologies.
- Other duties assigned as related to the Cybersecurity Division.
Supervisory Responsibility: No
Requirements:Skills & Abilities:
- Knowledge and experience with DOD RMF A&A artifacts, network architecture, network and security management and monitoring tools and penetration test tools.
- Experience with deploying & hardening Windows Server 2012 R2, Server 2016, Server 2019
- Experience with PowerShell, Tanium, SCAP, NMAP, SQL Developer, Forescout, and/or Splunk
- Large Enterprise-level IT experience with maintenance of servers, storage devices and applications
- Strong problem solving and critical thinking skills.
- Strong planning & organizational skills.
- Strong verbal and written communication skills to include delivery of presentations and communication of technical concepts to non-technical personnel that may span organizations and functional groups.
- Strong verbal and written communication skills to include delivery of presentations and communication of technical concepts to non-technical personnel that may span organizations and functional groups.
- Strong problem solving and critical thinking skills.
Education/Experience:
- 5+ years of technical experience related to system and / or network administration and / or cybersecurity operations.
Certification(s):
- Minimum certification level of CompTIA Security+ CE or equivalent certification required in accordance with DoDI 8140 / DoDD 8570 requirements (IAM/IAT Level 2)
- CISSP, CAP, CYSA, CISM, MSCE or equivalent certification required.
Clearance:
- DOD Secret security clearance required.
Nice to have:
- Four-year college degree in Cybersecurity, Information Technology, Computer Information Systems, Computer Science, Computer Engineering, or equivalent. (Additional years of experience may serve in lieu of a degree)
- ...Experience the difference, and let’s talk about your future at Systems Plus today. Position Details Position Title Information Assurance/Security Specialist - Level II-Charleston Position Type Full Time, Onsite Position Location Charleston,SC Tracking Code 01126...SuggestedFull timeContract workFor contractorsWorldwide
$84 - $93 per hour
...Information Assurance And Security Specialist Short Description: Information Assurance and Security Specialist – Master Hybrid position - will require on-site reporting to OCIO office Duties: Identify network problems, and recommend improvements to ensure optimal...SuggestedHourly payWork at officeWork from homeFlexible hours- ...Job Description Job Description Description: Overview Diverse Systems Group, LLC is seeking an Information Assurance/Security Specialist to play a pivotal role in safeguarding the integrity, confidentiality, and availability of information systems and data within...Suggested
- Information Assurance (IA) / Security Compliance Specialist This position is in anticipation of contract award and is contingent upon successful contract award. Applicants will be contacted regarding employment opportunities upon award notification. 5+ years Federal IA...SuggestedContract work
- ...Previous Candidates need not reapply. The Information Technology Department (ITD) at the IMF... ...the IT department, the Information Security and Governance (ISG) division and other... ...Senior Security Analyst (Cloud Security Assurance) position. Under the general supervision...Suggested
- ## Information Systems Security SpecialistApplylocations: Arlington, VAtime type: Full timeposted on:... ...seeking an Information Systems Security Specialist to support this critical customer... ...as part of a team of Information Assurance professionals to manage the full Risk...Temporary workFor contractorsWork at officeImmediate startRemote work
- ...celebrating 26 years of excellence— is seeking a Senior Information Systems Security Specialist to Join our Team in Washington, DC. At ICI Services,... ...responsible for supporting all aspects of a Program Information Assurance (IA) processes tailored to include minimum...For contractors
- Sr. Security & Compliance Specialist - TS Clearance Full-time SVD Solutions is focused on providing comprehensive Information Security/Assurance advisory services to Senior Executives of government and commercial organizations. We are an intelligence-driven management...Full timeWork experience placementWork at officeImmediate startRemote work
- ...companies and recruiters to obtain personal information from job seekers. Please be vigilant... ...sensitive information such as Social Security numbers or bank details during the initial... ...complete the DOS Protective Security Specialist Basic and Quick Reaction Force training...Local areaWorldwideOverseasLong distance
- ...Olgoonik is an Equal Opportunity Employer Overview: The Security Specialist works with the Bureau of Diplomatic Security. Familiar with all aspects of industrial security, information security, operational security, communications security, and security policy...For contractorsWork at officeLocal area
- ...Summary You will serve as an INFORMATION SECURITY SPECIALIST within the NAVAL HISTORY AND HERITAGE COMMAND. Learn more about this agency Duties Help You will review, analyze, and resolve difficult and complex security problems, provide guidance...Permanent employmentFull timePart timeInterim roleWork at officeLocal areaImmediate startRelocation
- ...Information Security Specialist Overview: We are seeking an experienced Information Security Specialist to support DoD CIO cybersecurity and risk management initiatives. This role focuses on conducting threat and risk assessments of enterprise systems, infrastructure...Immediate startFlexible hours
- Overview Job Location: Arlington, VA 22202 Position Type: Full Time Position title: Information Security Specialist (INFOSEC) Location: Arlington, Virginia Clearance required: SECRET Responsibilities Information Security (INFOSEC) Program Support: Review proposed publications...Full timeContract workWork at office
$114k - $120k
Overview LMI is seeking a Security Specialist who will provide security administrative expertise for our government customer in specialties such as Physical, Information, and Industrial Security. The position will be primarily located at the Pentagon. This position requires...Contract workFor contractorsShift work- Security Specialist I - III Lexical Intelligence provides software and services related to processing large-scale biomedical information sources. Our Natural Language Processing (NLP) and analytics... ...or lead secure coding quality assurance activities in accordance with...Contract workTemporary workFor contractorsFor subcontractorWork at officeLocal area
- Koniag Information Security Services, LLC is seeking a Personnel Security Specialist in Arlington, VA to support personnel security for the Department of Defense. Responsibilities include managing security databases, developing SOPs, and ensuring compliance with security...
$114k - $120k
LMI Government Consulting is seeking a Security Specialist to provide expertise in physical, information, and industrial security. This role, based at the Pentagon, mandates an Active TS/SCI clearance, and requires extensive experience supporting government security needs...- ...Summary Arlo Solutions (Arlo) is an information technology consulting services company... ...Description: The Information Security Specialist III supports the National Oceanic and... ...security, cybersecurity, and information assurance functions ~ Develop research security...Contract workFor contractorsWork at office
$80k - $110k
Alvarez & Marsal Deutschland GmbH is seeking an experienced AI/ML Security professional in Washington, D.C. The role involves leading AI... ...include 3+ years in AI development, expertise in information security, and proficiency in tools like TensorFlow, Docker, and...- ...safeguarding classified and sensitive information from foreign and domestic threats. This... ...opportunity to contribute to national security through cutting-edge technical and security... ...roles.The Mid-Level Technical Security Specialist (MTSS) provides technical expertise and...Contract workFor contractorsTraineeship
- ...safeguarding classified and sensitive information from foreign and domestic threats. This... ...opportunity to contribute to national security through cutting‑edge technical and security... ...roles. The Junior Technical Security Specialist (JTSS) provides technical expertise in...Contract workTraineeship
$141.5k - $236k
Join ManTech International as a Senior Information System Security Officer (ISSO) in Washington, DC, focusing on national security. You will oversee essential security practices, manage risks, and ensure compliance with the federal standards for system authorization. Ideal...- Sr IT Security/Vulnerability Management Specialist AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance... ...team. In this role, you will work closely with the Information Systems Security Officer (ISSO) and play a critical...Work experience placement3 days per week
$85k - $115k
...Complete incident reports to document all Security/Loss Prevention related incidents.... ...and property reports/documents; release information only to authorized individuals. Conduct... ...reach common goals. Comply with quality assurance expectations and standards. Stand, sit,...Full timeWork experience placementShift work$129.99k - $149.48k
...confidentiality, integrity, and availability of information that supports federal programs and... ..., and compliance helps organizations securely deliver impactful services? Job... ...Effect is seeking 2 highly skilled Security Specialists to support our client’s mission by...Full timeWork at officeRemote workFlexible hours- ...vacancy is for a GS-0080-13, Physical Security Specialist located in the Department of Homeland Security, U.S. Coast Guard, MISSION ASSURANCE DIVISION -CG-SPM-1 in WASHINGTON, District... ..., and coordinating briefings and information exchange opportunities. Preparing reports...Full timePart timeWork at officeFlexible hours
$88.4k - $154.7k
.... Job Description Parsons is looking for a talented Physical Security Specialist (PhySS) to join our team! In this role, you will design and maintain security measures for Sensitive Compartmented Information Facilities (SCIFs) and ensure compliance with federal standards...Flexible hours- Physical Security Specialist This vacancy is for a Physical Security Specialist located in the Department of Homeland Security, U.S. Coast Guard, MISSION ASSURANCE DIVISION -CG-DCMS-341 in WASHINGTON, District of Columbia.
$62k - $141k
...Job Number: R0242263 Systems Security Analyst The Opportunity:... ...your skills and knowledge to inform strategies and help mitigate... ...decisions. As a cyber threat specialist on our team, you'll be trusted... ...authorization reviews and assurance case development for the initial...Full timeContract workPart timeWork at officeLocal areaRemote work$69.4k - $158k
...will safeguard our nation? As a systems security & network security engineer, you can... ...Have 1+ years of experience as an ISSO or Information System Security Analyst (ISSA) 1+ years... ...security authorization reviews and assurance case development for the initial installation...Work at officeLocal areaRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Information Assurance / Security Specialist. Be the first to apply!
- senior information security analyst Bethesda, MD
- security systems specialist Bethesda, MD
- network security consultant Bethesda, MD
- security consultant Bethesda, MD
- security specialist Bethesda, MD
- security coordinator Bethesda, MD
- security advisor Bethesda, MD
- information technology security engineer Bethesda, MD
- data center security officer Bethesda, MD
- director information security Bethesda, MD

