Job Requirements
Philadelphia, PA
Secret Polygraph Unspecified
Career Level not specified
$90,000 - $100,000
Job Description
Overview
Information Assurance Compliance Specialist II
Location: Philadelphia, PA
Salary Range: $90,000 to $100,000 per year
Kiakahi LLC is looking for an experienced Information Assurance Compliance Specialist II to join its team.
Assess & Authorize (A&A) and Assess Only (AO) Support:
○ Collect and collate system or site information and evaluate/document in eMASS the security posture of systems being assessed, authorized, and maintained
○ Develop, submit, and maintain RMF packages in accordance with DoD Instruction 8510.01, NAVSEA business rules, DON RMF process guides, and NAVSEA SOPs
○ Develop RMF package documentation including AO determination request packages, system PIT determinations, categorization forms, HW/SW lists, authorization boundary diagrams, defense in depth diagrams, PPSM lists, PIAs, security plans, POA&Ms, SAPs, STIGs, SARs, RARs, and security authorization packages
○ Develop or revise policies, plans, and strategy documents to meet RMF control family requirements including incident response plans, contingency plans, IAVM plans, configuration management plans, and physical security plans
Risk and Vulnerability Assessment:
○ Conduct risk and vulnerability assessments of planned and installed systems to identify vulnerabilities, risks, and protection needs
○ Conduct systems security evaluations, audits, and reviews
○ Determine residual risk of packages based on content and assessment results for Security Controls Assessor (SCA) review
Security Assessment and Testing:
○ Execute Security Assessment Plans (SAPs) by conducting on-site testing for afloat and PIT ashore systems
○ Execute STIGs, SRGs, ACAS scanning, and apply patches to obtain cybersecurity compliance and remediate vulnerabilities
○ Develop and maintain POA&Ms in eMASS for all IA-related tasks and deliverables
Monitoring and Analysis:
○ Perform analysis of logs, events, and reporting of data collection tools including ACAS, HBSS, web content filters, SIEM, firewall systems, network devices, server devices, workstations, and IDS/IPS
○ Assess impacts from observed risks and report via the cybersecurity program chain of command
○ Conduct systems security reviews, audits, or evaluations to ensure accreditation documents are accurate
RMF Continuous Monitoring Support:
○ Develop and update all required eMASS documents including POA&Ms, RARs, and DISA STIGs at specified frequencies
○ Determine system compliance with all applicable controls and assessment procedures for DON systems
○ Ensure RMF artifacts comply with Navy/NAVSEA business rules, NIST SP-800-37, and SP-800-53 Rev 4
Additional Duties:
○ Perform evaluation of system administrator, security engineer, and system owner proposed corrections to ensure compliance
○ Present and submit data to management, develop reports, and produce procedural documentation
○ Manage, attend, and support Configuration Control Board practices
○ Track deliverables and action items in accordance with A&A guidance
○ Support cybersecurity technical writing as required
Tools and Systems
Proficiency required in:
○ Enterprise Mission Assurance Support Service (eMASS) - both unclassified and classified
○ Assured Compliance Assessment Solution (ACAS)
○ DISA STIG Viewer / eMASSTer
○ Security Content Automation Protocol (SCAP) tools
○ Microsoft Visio
○ Vulnerability Remediation Asset Manager (VRAM)
○ Host Based Security Systems (HBSS)
○ Security Information and Event Management (SIEM) tools
Applicable Standards and References
○ DoD Instruction 8510.01 (Risk Management Framework for DoD IT)
○ DON RMF Process Guide
○ NAVSEA Business Rules
○ NIST SP 800-37 and SP 800-53 Rev 4
○ DoD 8570.01-M (Information Assurance Workforce Improvement Program)
○ NAVSEAINST 9400.2A
Requirements
Education:
Bachelor's degree in Computer Science, Information Technology, or a related technical degree from an accredited college or university.
Experience:
○ Minimum: Three (3) years of professional experience in information assurance compliance
○ Target: Four (4) years of professional experience in information assurance compliance
Certifications:
IAM Level 2 certification required. Acceptable certifications include one of the following:
○ CAP (Certified Authorization Professional)
○ CASP+ CE
○ CISM (Certified Information Security Manager)
○ CISSP or CISSP Associate
○ GSLC (GIAC Security Leadership Certification)
○ CCISO
○ HCISPP
Operating System/Computing Environment (OS/CE) qualification as directed by Privileged Access Agreement and DFARS 252.239-7001 requirements
Continuing Professional Education (CPE) as required by certification
Security Clearance
Active Secret security clearance
Physical Requirements
Work may involve sitting or standing for extended periods of time. Position may require typing and reading from a computer screen. Must have sufficient mobility, including but not limited to bending, reaching, and kneeling to complete daily duties in a timely and efficient manner. May include lifting weight up to thirty (30) pounds as necessary.
Benefits
• Medical, dental, vision, disability, and life insurance
• Flexible Spending Accounts
• 401(k)
• PTO
• Professional Development
• Paid federal holidays
• Paid Parental Leave
Company Summary
Headquartered in San Diego, CA, Kiakahi LLC is a Native Hawaiian Organization (NHO) owned SBA Small Disadvantaged Business specializing in global information technology and offering professional solutions in IT Design & Installation, Cybersecurity Engineering & Support, Application Integration & Development, Software & Hardware Engineering, Network & Systems Management, Information Systems Security, and Business Management Services.
Leveraging over 30 years of providing IT services to the federal & commercial market with projects located around the world, our team possesses innovative expertise in the development of a wide range of technology solutions. Kiakahi, LLC is an equal opportunity employer.
Our service commitment is simply to become - "Your Supreme Partner for Success."
Kiakahi LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all-encompassing. Position functions and qualifications may vary depending on business needs.
Kiakahi LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics.
Posted Salary Range
USD $90,000.00 - USD $100,000.00 /Yr.