kglobal logo

Senior Information Assurance Analyst

ZENETEX specializes in management and technology support services for a variety of federal agencies and commercial organizations. This position will provide Information Assurance Management (IAM) efforts to our team in Orlando, Florida.

Primary Duties and Responsibilities

  • Develop, implement, and enforce policies and procedures reflecting the legislative intent of applicable laws and regulations for the NE
  • Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations
  • Develop security requirements specific to an IT acquisition for inclusion in procurement documents
  • Recommend resource allocations required to securely operate and maintain NE IA requirements
  • Participate in an IS risk assessment during the C&A process
  • Develop security requirements for hardware, software, and services acquisitions specific to multiple CEs or NE IA security programs
  • Ensure that IA and IA enabled software, hardware, and firmware complies with appropriate NE security configuration guidelines, policies, and procedures
  • Assist in the gathering and preservation of evidence used in the prosecution of computer crimes
  • Ensure that NE IS recovery processes are monitored and that IA features and procedures are properly restored
  • Review IA security plans for the NE
  • Ensure that all IAM review items are tracked and reported
  • Review the selected security safeguards to determine that security concerns identified in the approved plan have been fully addressed
  • Evaluate the presence and adequacy of security measures proposed or provided in response to requirements contained in acquisition documents
  • Provide leadership and direction to NE personnel by ensuring that IA security awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities
  • Develop and implement programs to ensure that systems, network, and data users are aware of, understand, and follow NE and IA policies and procedures
  • Advise the IAM/DAA of any changes affecting the NE IA posture
  • Conduct an NE physical security assessment and correct physical security weaknesses
  • Ensure that compliance monitoring occurs, and review results of such monitoring across the NE

Certification Requirements

  • DoD Information Assurance Certification and Accreditation Process (DIACAP) DODI 8510.01
  • Possess DoD Approved Baseline Certification as Information Assurance Manager Level II in accordance with DOD 8570.01-M. (i.e. CISSP, GSLC, CAP, CASP or CISM)
  • Complete understanding of Information Assurance controls and implementation delineated in DODI 8500.1 and DODI 8500.2

Skills

  • EyeRetina vulnerability scanner
  • Defense Information Systems Agency (DISA) Gold Disk
  • The Security Content Automation Protocol (SCAP) Compliance Checker
  • Security Readiness Review (SRR) scripts

Desired Education and Experience

  • B.S. in engineering, computer science or mathematics
  • Minimum 10 years of engineering experience with at least 5 years of Information Assurance (IA) Manager experience
  • Skill to perform penetration tests and vulnerability assessments using EyeRetina vulnerability scanner, Defense Information Systems Agency (DISA) Gold Disk, the Security Content Automation Protocol (SCAP) Compliance Checker and Security Readiness Review (SRR) scripts
  • Experience implementing operating systems and network devices security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides
  • Experience performing IA certification test, security audits and risk analysis and developing mitigation strategies for DOD Information Systems (IS)
  • Experience preparing certification letters and Memoranda of Agreement (MoA) with system owners for interface and networking implementations
  • Experience in the development of IA related acquisition documents and in the evaluation of products and services. Ability to identify Common Criteria and National Information Assurance Partnership (NIAP) certified technologies
  • Knowledge and experience working with Cross Domain Solutions
  • Familiar with the Joint Air Force-Army-Navy Manual (JAFAN) for Special Access Program, the Intelligence Community Information Technology Systems Risk Management Certification and Accreditation and Department of Defense Intelligence Information System (DODIIS) processes
  • Have working knowledge of the Clinger-Cohen Act, the Federal Information Security Management Act (FISMA) and all IA implications that must be met to comply with the Information Security policies and laws


  U.S. Citizenship required
MUST HAVE AN ACTIVE DoD SECRET SECURITY CLEARANCE


ZENETEX is an Equal Opportunity/affirmative action Employer. Qualified applicants are considered for employment without regard to age, race, sex, national origin, sexual orientation, disability, or veteran status or any other characteristic protected by law.

View this job in our Career Center