Information Assurance Security Specialist (IASS) Job at OBXtek Inc.

OBXtek Inc. McLean, VA 22102

Responsibilities:

OBXtek is staffing for an Information Assurance Security Specialist (IASS) to support the Department of State Consular Affairs (CA/CST) Bureau.


The IASS tasks and responsibilities include:


  • Working as an information system security subject matter expert (SME) on FISMA, NIST standards and guidelines, Privacy Act, HIPAA, E-Gov, OMB Circulars A-11 and A-130, and Clinger-Cohen as they apply to data and application security.
  • Responsible for Assessment and Authorization (A&A) activities for Consular Affairs / Consular Systems and Technology (CA/CST) automated information systems (AIS) and provides A&A support for domestic and overseas deployed systems, as well as A&A activities on Cloud systems (IaaS, SaaS, and PaaS).
  • Tracks and reports the status of their assigned A&As and brings any obstacles that may impact the completion of the A&A to the attention of the A&A Task Lead and the Program Manager (PM) in a timely manner.
  • Ensures that A&A packages are submitted to IA and follows up to ensure IA approval of each phase of the A&A process prior to each system's Authorization to Operate (ATO) expiration date.
  • Analyzes production system configuration change requests (CCR) of existing systems to determine security impact using the Security Impact Analysis (SIA) process, and initiates required actions to maintain security posture and authorization status.
  • Supports weekly or monthly meetings with Government Technical Monitors (GTMs) and developers. Schedules and facilitates boundary meetings, RMF Step 1 Kick-off meetings, System Categorization meetings and RMF 1-3 Working Groups.
  • Gathers required information to support system authorization by organizing technical working groups, conducting fact-finding interviews, attending system demos, assessing system security categorization (SCF) levels, establishing the system security control baseline, and acting as a security advisor to the GTM during security controls implementation.
  • Drafts and maintains project schedules for each of their assigned systems as they go through the RMF process.
  • Develops, updates, and maintains the following security application documentation:
    • Security Categorization Form (SCF)
    • E-Authentication Form (eRA)
    • System Security Plan (SSP)
  • Supports the Contingency Plan (CP) SME and Privacy Impact Assessment (PIA) SME in the development of the following security application documentation:
    • Information System Contingency Plan (ISCP)
    • Privacy Impact Assessment (PIA)
  • Completes data calls in a timely manner, which include, but are not limited to, Quarterly POA&M data calls. Reviews, monitors, and reports POA&M status to all parties including PM, ISSS GTM, System GTM, System Development Team, and System Operation Teams.
  • Provides guidance to System GTMs and System developers as it relates to the A&A process using both the National Institute of Standards and Technology (NIST) Special Publication (SP) 800 series and Department Foreign Affairs Manual (FAM) guidelines.
  • Assists and advises System GTMs and System developers in the design and development of secure systems architecture as well as industry best practices and information systems technologies available to meet AIS security requirements.
  • Attends Agile security scrum meetings with stakeholders and provides feedback during those meetings.

Qualifications:

Active Secret Clearance.


Education:

  • Bachelor’s degree in Computer Science, Information Technology, Information Assurance, Cybersecurity, or related field.


Desired Certifications:

  • CAP, CISSP, or other IT and security-related certifications


Experience:

  • 3-5+ years’ experience in the Risk Management Framework process, cybersecurity, information assurance, or IT.
  • Extensive knowledge of FISMA Compliance and NIST guidelines including Risk Management Framework (RMF), and the NIST SP 800 series.
  • Hands-on experience writing System Security Plans (SSPs), Security Categorization Forms (SCF), and other various RMF Steps 1-3 documentation.
  • Experience conducting RMF Steps 1, 2, 3, & 6.
  • Proficient writing and communication skills.
  • Experience working in an Agile environment.
  • Experience performing RMF 1-3 activities on systems within the cloud and/or hosted on FedRAMP approved IaaS, SaaS, or PaaS.
  • Ability to work in fast-paced environments.
  • Working experience with Xacta and/or Arch Angel GRC tools.
  • Proficient with SharePoint, Microsoft Teams, Confluence, Microsoft Project, and Office 365.

Security Clearance: Secret

Company Information:

COVID Policy: Prospective and/or new employees will be required to adhere to OBXtek’s vaccination policy. Full vaccination will be required and verified before the start of employment unless an accommodation request is approved. Employees working onsite at a customer location must comply with customer vaccination requirements which may include any or all of the following: social distancing, masks, mandatory statements regarding one's vaccination status and mandatory testing.

Headquartered in McLean, Virginia and founded in 2009, OBXtek is a fast-growing leader in the government contracting field. Our mission is Our People…Our Reputation. Our people are trained professionals who enhance our customers’ knowledge and innovation using technology, collaboration, and education.

We offer a robust suite of benefits including comprehensive medical, dental and vision plans, Flexible Spending Accounts, matching 401K, paid time off, tuition reimbursement plans and much more.

As a prime contractor for 93% of our current work, OBXtek pairs lessons learned across disciplines with industry standard quality practices such as CMMI-Dev Level III, ITIL, 6Sigma, PMI, and ISO. Our rapid growth has been recognized by INC500, the Washington Business Journal, and Washington Technology magazine.

OBXtek is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, gender identity, disability, veteran status, sexual orientation or any other classification protected by federal, state or local law.


