• 6 years of experience in Information Technology.
• 3 years experience performing specialized IT security duties (see req. qualifications).
• 3 years of specialized experience in Information Assurance.
• Bachelors degree in Information Technology or related field; 4 years additional experience lieu of a degree.
• Excellent interpersonal, analytical and problem solving skills to address variable situations.
• General knowledge of industry security requirements, standards, and best practices.
• Strong written and verbal communication skills; ability to document processes and write comprehensive security recommendations.
• Professional attitude, able to to communicate and interact with individuals at all levels across various information technology and business sectors.
• Strong organizational, project management, and customer service skills. Ability to act in the best interest of the client both within a team and self-directed.
• DOD 8570.01 IAT Level ll (or higher) Certification
Security+CE, GSEC, SSCP, or CCNA-Security
Security Clearance: Minimum Public Trust, Secret Preferred.
• Ability to perform Principal Duties & Responsibilities
• Familiarity with eMASS or similar systems managing accreditation packages for medium to large networks.
• Specialized experience with ACAS (Assured Compliance Assessment Solution), Tenable Nessus, Retina, or similar vulnerability scanning tools.
• Expert knowledge of NIST, CNSS, RMF, DOD policies on Information Technology and Information Assurance.
• Experience accrediting a network resulting in an Authority to Operate (ATO) under RMF.
• Specialized experience with Risk Management Framework (RMF) IA tasks to include:
Network Architecture Documentation
Network Boundary Diagrams
Conducting Risk Analysis
Scanning and Remediation
Creating Plan of Action and Milestones (POA&Ms)
Auditing IT technologies for STIG Compliance
Expert-level knowledge of IT security protocols, tools, and systems. Specialized experience in one or more of the following:
Intrusion Detection and Prevention systems
Vulnerability and Risk Assessments
Incident Response systems
Other security software and tools