Information Assurance (IA) Analyst (DES) with Security Clearance
, MD, United States
Railhead, Inc. is seeking a qualified Information Assurance (IA) Analyst to join our Defense Enclave Services (DES) team at Fort Meade, MD. The selected candidate will support an extensive digital modernization program critical to DISA and Fourth Estate Agencies. You will support information technology discovery, optimization, and transformation into a centralized, operational enterprise. The selected candidate shall perform (or review) technical security assessments of computing environments to identify points of vulnerability, non–compliance with established Information Assurance (IA) guidelines and regulations and recommend mitigation strategies. In this role, the candidate will ensure that the environments in which DoD information systems reside are secure and compliant, develop approaches to secure the environment, assess threats to the environment, provide inputs on the adequacy of security designs and architectures, perform RMF related activities, and participate in risk assessment during the certification and accreditation process. Responsibilities: •Support customer environment migrations (travel required.)
•Evaluate, develop and/or implement information assurance guidelines and procedures as required.
•Recommend security solution mitigations and enhancements supporting information assurance guidelines and customer requirements.
•Perform vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
•Conduct IT security site surveys.
•Support Authorizing Official (AO) actions by developing and delivering accreditation packages with supporting documents and artifacts in accordance with RMF as defined in NIST 800–37 revision 2 and related agency specific RMF requirements.
•Provide input into an Audit and Accountability Plan containing methods, procedures, and planned reviews for the continuing accreditation and authorization against AU (Audit and Accountability) family controls per NIST SP 800–53 guidance.
•Provide input and implements an organizational access control policy and plan in compliance with risk–levels defined in the National Institute of Standards and Technology (NIST) 800–53, rev 4, Access Control family of controls to include auditing annually, at a minimum.
•Develop processes and procedures for evaluating and documenting information system security vulnerabilities IAW DoD Instruction (DoDI) 8510.01 (RMF for DoD IT)
•Ensure that all information systems meet or exceed compliance requirements.
•Identify, report, and resolve security violations.
•Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
•Have experience using eMASS and/or Xacta.
•Monitor and review the regular updates/upgrades to equipment and procedures to maintain pace with IA requirements and business needs.
•Identify overall security requirements for the proper handling of Government data. Qualifications: – Secret Clearance required
•Support customer environment migrations (travel required.)
•Evaluate, develop and/or implement information assurance guidelines and procedures as required.
•Recommend security solution mitigations and enhancements supporting information assurance guidelines and customer requirements.
•Perform vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
•Conduct IT security site surveys.
•Support Authorizing Official (AO) actions by developing and delivering accreditation packages with supporting documents and artifacts in accordance with RMF as defined in NIST 800–37 revision 2 and related agency specific RMF requirements.
•Provide input into an Audit and Accountability Plan containing methods, procedures, and planned reviews for the continuing accreditation and authorization against AU (Audit and Accountability) family controls per NIST SP 800–53 guidance.
•Provide input and implements an organizational access control policy and plan in compliance with risk–levels defined in the National Institute of Standards and Technology (NIST) 800–53, rev 4, Access Control family of controls to include auditing annually, at a minimum.
•Develop processes and procedures for evaluating and documenting information system security vulnerabilities IAW DoD Instruction (DoDI) 8510.01 (RMF for DoD IT)
•Ensure that all information systems meet or exceed compliance requirements.
•Identify, report, and resolve security violations.
•Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
•Have experience using eMASS and/or Xacta.
•Monitor and review the regular updates/upgrades to equipment and procedures to maintain pace with IA requirements and business needs.
•Identify overall security requirements for the proper handling of Government data. About Railhead: Railhead, Inc. is a leader in advanced cyber solutions; cloud and managed IT solutions; engineering; and information–based solutions for commercial entities, law enforcement, and homeland security. We provide intelligence, surveillance, and reconnaissance; training; logistics; and operational support services and solutions in support of organizations not limited to DHS, DoD, and the Intelligence Community (IC). We hire mission enablers who reflect our communities and proactively embrace diversity and inclusion, in order to advance our corporate culture, develop our family of employees into the best they can be, and in turn grow our market share throughout the industry. Railhead, Inc. is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, veteran status, or any other protected factor.
#J-18808-Ljbffr