INFORMATION ASSURANCE ANALYST (Req 23 025)

Responsibilities: Report to the system ISSM as delegated ISSM assistant. Manage systems of record as system ISSO. Maintain multiple Authorization To Operate (ATO). Act as the ISSM liaison for multiple ISSO Team members governing multiple Research, Development Test and Evaluation (RDT&E) enclaves.

Provide technical and procedural Information Assurance support to the ISSM and ISSO team. Review and/or edit, documentation provided by ISSO team. Supervise IA Teams hardening, patching, and updating configuration of systems, including implementation of Information Assurance Vulnerability Management (IAVM) and Security Technical Implementation Guide (STIG) compliance. Develop and implement Continuous Monitoring Strategies

Support stakeholders during RMF processes. Support FAO/NAO Step 4 NQV validations. Develop RMF accreditation packages and associated artifacts. Develop and maintain accreditation project schedule in Microsoft Project. Develop, review and update Architecture, Boundary, and Dataflow diagrams. Maintain the RMF Security Assessment Plan and the POA&M database in eMASS. Maintain Inventory and documentation of hardware and software assessment boundary.

Education: BS or BA degree from an accredited university in Computer Science, Information Systems or a "Relevant Technical Discipline."

Allowable Substitution: An AS or AA degree from an accredited university in a technical discipline or related field and an additional four (4) years of IT experience can be substituted for a BS or BS degree OR an additional eight (8) years of experience may be substituted for a BS or BA.

Experience: At least six (6) years of experience working with (DoD) Risk Management Framework (RMF). Experience processing ACAS automated vulnerability scans into POA&Ms. Prefer candidates with the following experience:

• NAO/FAO RMF Steps 1 through 3
• eMASSter
• eMASS
• VRAM
• IATTs
• MFRs
• Automated STIG and ACAS processing tools
• Change Management processes
• Microsoft Word, Excel, and Visio

Other: Must meet Cyber Security Work Force (CSWF) requirements as defined in DOD 8570.01-M (Security + and operating system specific training). An Active Top Secret Clearance is required.