Information Assurance Analyst
- Recruiter
- Vencore
- Location
- Annapolis, Maryland, United States
- Salary
- Competitive salary
- Posted
- 03 Dec 2020
- Closes
- 04 Dec 2020
- Ref
- 102434
- Job role
- Accountant
- Sector
- Accounting - Public practice
Business Group Highlights
Defense
The Defense group supports the Department of Defense (DoD) mission to keep our homeland and its citizens safe. We provide solutions to improve the Nation's defense by providing software, systems engineering, IT, training and logistics and fleet management solutions.
Responsibilities
This position will be based in Annapolis Junction, MD. Other locations may be considered
The Information Assurance Analyst:
EDUCATION
Requires 5 to 8 years with BS/BA or 3 to 5 years with MS/MA or 0 to 2 years with PhD.
REQUIREMENTS
About Perspecta
What matters to our nation, is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds. Our company was formed to bring a broad array of capabilities to all parts of the public sector-from investigative services and IT strategy to systems work and next-generation engineering.
Our promise is simple: never stop solving our nation's most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to do just that, as a partner of choice across the entire sector.
Perspecta is an AA/EEO Employer - All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
As a government contractor, Perspecta abides by the following provision
Pay Transparency Nondiscrimination Provision
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c).
Defense
The Defense group supports the Department of Defense (DoD) mission to keep our homeland and its citizens safe. We provide solutions to improve the Nation's defense by providing software, systems engineering, IT, training and logistics and fleet management solutions.
Responsibilities
This position will be based in Annapolis Junction, MD. Other locations may be considered
The Information Assurance Analyst:
- Assist the Information System Security Engineer (ISSE) / Cyber Lead in meeting their duties and responsibilities
Overseeing the development and maintenance of a system's cybersecurity solutions - Ability to successfully analyze an organization's business requirements, while considering security needs based on risk
- Provide ATO recommendation for the information system to the Organizational ISSMs, and ISSOs on RMF Assessment and Authorization (A&A)
- Facilitate working sessions demonstrating Cyber perspective for assessing threats to various System Owners, and Program Management Offices
- Leverage knowledge of open source concepts, methods, and practices to provide technical and analytical support for the planning, conduct, and coordination of intelligence research and analysis operations
- Mentor and educate peers in IT Governance, Risk, and Compliance (ITGRC)
- Proficient in using Security Technical Implementation Guides (STIGs) or other acceptable alternatives as a cybersecurity methodology to validate security controls in enhancing security for software, hardware, physical and logical architectures to further reduce vulnerabilities.
- Create and update user stories in Jira/Confluence
- Assisting with identification of the security control baseline set and any applicable overlays
- In coordination with the Information System Security Engineer (ISSE), support the implementation of the RMF process and the security controls baseline for the NBIS/DSS program
- Assist with development, maintenance, and tracking of the Security Plan
- Assist ISSE with the security control implementation and testing efforts
- Ensure that all users have the requisite security clearances and access authorization, and are aware of their cybersecurity responsibilities for DoD systems under their purview before being granted access to the system
- Assist with any security testing required as part of Assessment & Authorization (A&A) or annual reviews
- Assist in the analysis, mitigation and remediation of open vulnerabilities under the system's change control process
- In coordination with the ISSE, initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure that a process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSO
- Plan and perform cybersecurity testing to assess security controls and recording security control compliance status during sustainment
- Oversee cybersecurity testing to assess security controls and recording security control compliance status during the continuous monitoring phase of the lifecycle Develop and update project briefs as required.
- Develop and submit weekly and monthly status reports.
- Develop and deliver working level and senior leadership briefs.
- Provide general documentation support.
EDUCATION
Requires 5 to 8 years with BS/BA or 3 to 5 years with MS/MA or 0 to 2 years with PhD.
REQUIREMENTS
- Understanding of Scaled Agile Framework (SAFe) process and how to utilize it within day to day activities
Knowledge and experience completing the Risk Management Framework (RMF) lifecycle, as provided in DoD RMF Process Guide developed upon NIST framework - Must have DoD Active/Current Secret clearance
- Create and update user stories in Jira/Confluence
- Performed security scans of servers using DoD approved tools (ACAS, SCAP, Veracode, etc.)
- Completed STIG Checklists to ensure proper security configurations of operating systems and databases
- Worked with developers and System Administrator to correct findings from security scans and STIGS checklist
- Understanding of Scaled Agile Framework (SAFe) process and how to utilize it within day to day activities
About Perspecta
What matters to our nation, is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds. Our company was formed to bring a broad array of capabilities to all parts of the public sector-from investigative services and IT strategy to systems work and next-generation engineering.
Our promise is simple: never stop solving our nation's most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to do just that, as a partner of choice across the entire sector.
Perspecta is an AA/EEO Employer - All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
As a government contractor, Perspecta abides by the following provision
Pay Transparency Nondiscrimination Provision
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c).