Information Assurance Specialist - Senior

Overview/ Job Responsibilities

Sev1Tech is looking for the right candidate to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S and occasionally OCONUS.

We're looking for a senior Information Assurance Specialist to assist our customer in overseeing and supporting Information Security Control Assessments, Intrusion Defense Chain FISMA Metrics Tracking, and a Industry Cyber Hygiene Data Assessment Program.

The Information Assurance Specialist - Senior will oversee Information System Security Control Assessments, including:

• Developing and maintaining an overall Security Assessment Schedule.
• Developing testing artifacts for each system including as appropriate Rules of Engagement, a technical assessment plan, Security Requirements Traceability Matrix, Security Assessment Report, and other necessary documentation.
• Scheduling and performing technical assessments of systems and applications to determine the severity of security control weaknesses.
• Executing assessments through reviewing system security documentation, vulnerability scan results, audit logs, configuration guides, and any other additional material provided by the system and system stakeholders.
• Documenting results of assessments in the compliance tool utilizing a standard reporting format for recording assessment results and findings along with recommended mitigations.
• Updating and maintaining all testing templates and standard operating procedures.
• Collecting and storing all final materials and media.

The Information Assurance Specialist - Senior will oversee Intrusion Defense Chain FISMA Metrics Tracking, including:

• Testing the ability to properly classify malicious logic investigations using the Intrusion Defense Chain (IDC) Framework
• Creating example malicious logic and disseminate to all DHS Components
• Tracking and reporting compliance and accuracy in classifying malicious logic using the IDC Framework
• Creating and maintaining IDC Metrics for the annual Information Security Performance Plan

The Information Assurance Specialist - Senior will ensure performance of the customer's Industry Cyber Hygiene Data Assessment Program, including:

• Establishing, documenting, and continually refining CONOPS and standard operating procedures documentation for the Cyber Hygiene Assessment (CHA) Team
• Developing and maintaining a management schedule for all CHA data analysis and assessment activities
• Coordinating with CHA personnel to collect artifacts, define scope and establish governance functions for assessments and analysis of industry cyber hygiene data
• Establishing performance metrics and process improvement criteria stemming from the results of industry cyber hygiene assessments and analysis
• Evaluating results and provide recommendations in determination of industry cyber hygiene maturity
• Creating both draft and final deliverable reports stemming from industry assessments and analysis for Federal CHA program personnel consumption and review
• Developing, maintaining, and updating any additional program documentation on an ongoing basis

Minimum Qualifications

• BA or BS degree, preferably in Information Security, Information Systems, Cybersecurity, Information Technology/Network Administration or related discipline, or 4-8 years of direct experience may be substituted in lieu of degree
• At least 8 years experience in the federal IT services industry
• Knowledge and experience with the Risk Management Framework
• Knowledge of federal security standards, frameworks, and directives, including NIST, OMB, and DHS
• Experience managing small teams performing Information Assurance activities
• Thorough understanding of the Security Authorization and ATO requirements and processes
• Must possess one (1) or more of the following IAT Level II certifications: GSEC - GIAC Security Essentials; CompTIA Security+ CE; or
  
  SSCP - Systems Security Certified Practitioner.
  
• Must possess one (1) or more of the following IAM Level II certifications: GSLC - GIAC Security Leadership Certification; CAP - Certified Authorization Professional; CISM - Certified Information Security Manager; CISSP or Associate - Certified Information Systems Security Professional; or CASP - CompTIA Advanced Security Professional.
  
• Excellent communication skills, including the ability to brief customer management and leadership
• A successful track record of providing excellent customer service
• Understanding of best practices for Intrusion Detection and assessing Intrusion Detection performance
• Knowledge of organizational cybersecurity hygiene best practices ad the ability to assist customers in establishing, promoting, evaluating, and improving them
• Clearance Requirement: Public Trust clearance or higher; Public Trust clearance with Dept of Homeland Security (DHS) or Customs & Border Protection (CBP) preferred

Desired Qualifications

• DHS experience

About Sev1Tech LLC

Welcome to Sev1Tech! Founded in 2010, we are proud to be a leading provider of IT modernization, engineering, and program management solutions. Our commitment is to deliver exceptional program and IT support services that empower critical missions for both Federal and Commercial clients.

At Sev1Tech, our mission is clear: Build better companies. Enable better government. Protect our nation. Build better humans across the country. We believe that through innovation and dedication, we can make a significant impact on the communities we serve.

Join the Sev1Tech family, where your potential for greatness is limitless! Here, you will not only achieve remarkable accomplishments but also enjoy a fulfilling and rewarding career progression. We invite you to explore opportunities with us and become part of a team that values your contributions and growth.

Ready to take the next step? Apply directly through our website: Sev1Tech Careers and use the hashtag #joinSev1Tech to connect with us on social media!

For any additional questions or to submit referrals, feel free to reach out to recruiting@sev1tech.com .