Information Assurance Systems/Network Specialist (TS/SCI)

DirectViz Solutions (DVS) is a dynamic and rapidly growing government contractor committed to delivering innovative IT solutions that address the mission-critical needs of our government clients. Through the expertise and dedication of our talented team, we provide cutting-edge technology services designed to achieve success and exceed expectations.

At DVS, we prioritize our employees as our greatest asset. We offer competitive compensation, comprehensive medical benefits, a 401(k) match, generous PTO accrual, professional development reimbursement, corporate-funded technology certifications, and robust employee recognition and appreciation programs.

We are seeking a highly skilled Information Assurance Systems/Network Specialist to work in Washington DC.

Job Summary:

Responsible The contractor shall provide assessment and authorization (A&A) and technical cyber security support to the System Owner (SO) to include, but not limited to:

• Determines enterprise information assurance and security standards.
• Develops and implements information assurance and security standards and procedures.
• Coordinates, develops, and evaluates security programs for an organization. Recommends information assurance and security solutions to support customer's requirements.
• Identifies, reports, and resolves security violations.
• Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
• Supports customers at the highest levels in the development and implementation of doctrine and policies.
• Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
• Performs analysis, design, and development of security features and procedures.
• Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.
• Designs, develops, engineers, and implements solutions that meet security requirements.
• Provides integration and implementation of the computer system security solution.
• Analyzes general information assurance related technical problems and provides basic engineering and technical support in solving these problems.
• Performs vulnerability/risk analysis of computer systems and applications during all phases of the system development life cycle.
• Oversees the efforts to design, develop, engineer, and implement solutions to security requirements.
• Ensures that all information systems are functional and secure.
• Manages all information pertaining to network processes and ensures that Authorization To Operate (ATOs) are up-to-date.
• Oversee the ATO renewal process and Annual Security Reviews for ATO networks.
• Maintains knowledge of current security tools, hardware and software security implementation, and encryption techniques.
• Maintains database and develops plans actions and milestones to remediate audit findings.
• Leads and drafts the development of information system security change management policy and standards, including establishing the organizational Change Control Board (CCB) Charter, supporting processes, guidelines, standards, and procedures.
• Manages and performs implementation and training of organizational change management policy, processes, and toolsets; manage and support enterprise- level CM repositories and their respective processes.
• Performs configuration management (CM) tasks in the information system boundary baseline management for software, hardware, and documentation.
• Develops process key performance indicators status/metrics reporting for continual process improvement insight.
• Maintains communication with project-level stakeholders and manage project scope and expectations.

Key Responsibilities:

• Analyze network architectures to identify vulnerabilities and reduce breaches. Audit current and future systems and implement the right security strategy. This includes but not limited to entire network including desktops, servers, routers, switches and other systems for improvements and security issues. Develop and implement scanning and certification plans for network control and maintenance. Document existing and proposed information architecture to convey compliance, problems, and solutions. Establish guidelines and policies surrounding risk and security. Monitor the system and patch software to prevent future attacks. Monitor applications and hardware for any unusual activity. Mitigate damages and patch software during current cyber threats. Perform target vulnerability scanning of systems at the request of the Director, System Owner, Authorizing Official, and/or Information System Security Officers (ISSO). Conduct weekly network vulnerability scanning based on a pre-defined schedule provided by the System Owner and/or Director. Conduct remediation scanning of infrastructures for critical security patch compliance. Critical security patch releases can be for both scheduled and out-of-band patch releases. Continuously monitor vulnerability advisory resources and issue advisories to all affected stakeholders no later than one business day upon discovery of new vulnerabilities and threats.
• Implement the Risk Management Framework (RMF) in accordance with the National Institute of Standards and Technology (NIST). Develop artifacts and supporting evidence to satisfy all applicable RMF Controls and corresponding Control Correlation Identifiers (CCls). Develop and/or update the Plan of Action and Milestones (POA&M) to document all known vulnerabilities to correct or mitigate risks. Manage system accreditation packages and ATOs using the DISA Enterprise Mission Assurance Support Service (eMASS) management tool. Assess the Cyber Security risk of IT systems documenting them in formal risk assessments and supporting artifacts associated with the Assessment & Authorization (A&A) process. Execute reviews of RMF Security Controls to ensure FISMA and NIST compliance.

Required Qualifications:

• Bachelor's Degree AND minimum of 4 years of experience OR 6 years of relevant experience
• Must possess one of the following ((CISA, GIAC Certified Incident Handler (GCIH), GIAC Information Security Expert (GSE), GIAC Security Leadership (GLSC), Security Certified Network Architect (SCNA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), and/or Certified Information Systems Auditor (CISA).
• Active Top Secret with eligibility to obtain Sensitive Compartmented Information Facility Clearance

If you thrive on solving complex problems and building meaningful connections, we'd love to hear from you. Join our team and make an impact today!

Physical and Mental Qualifications:

• Maintain focus and awareness throughout scheduled working hours.
• Perform tasks requiring prolonged periods of sitting or standing at a desk, utilizing a computer, mouse, and keyboard.
• Lift and move objects weighing up to 15 pounds as needed.
• Exhibit excellent verbal and written communication skills, with a strong command of the English language.
• Demonstrate the ability to work independently while also collaborating effectively as part of a team.
• Quickly learn and retain routine tasks and processes.
• Possess strong organizational skills, attention to detail, business correspondence proficiency, and self-management capabilities.
• Perform the essential functions of the role satisfactorily; reasonable accommodation will be provided for employees with disabilities upon request.
• Accept and adapt to additional responsibilities or changes to assigned duties as determined by DirectViz Solutions (DVS).

DirectViz Solutions, LLC (DVS) is an equal opportunity employer who prohibits discrimination and harassment against any employee or applicant for employment based on race, , sex (including pregnancy), age, gender identity, creed, religion, national origin, sexual orientation, marital status, genetic information, disability, political affiliation, protected veteran status, or any other status protected by federal, state or local law.

DVS has a zero-tolerance policy for harassment, threats, coercion, discrimination, and intimidation. Employees may file a complaint or exercise any right protected by Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, as amended, Section 4212 of the Vietnam Era Veterans Readjustment Assistance Act of 1974, or the Veterans Employment Opportunities Act of 1998.