Information Assurance/Security Analyst (AWS Preferred)

Job Description

ASRC Federal Communications is seeking anInformation Assurance and Security Analyst with excellent collaboration skillsto support our Unified Cyber Situational Awareness (UCSA) contract with the Defense Information Systems Agency (DISA) at our Pensacola, FL location. This position supports for all activities relating to information assurance procedures and systems. Confers with and advises other section leaders regarding administrative policies, internal controls, and security procedures, resolving technical problems, priorities, and methods. Prepares activity and progress reports relating to the information systems audit function.

Duties and Responsibilities

• Execute and maintenance of the UCSA Information Security Plan.
• Categorization and assignment of security controls in Enterprise Mission Assurance Support Service (eMass).
• Creation and maintenance of the A A package in eMass.
• Coordination on inherited security controls within eMass.
• Management and update of DoD Information Technology Portfolio Repository entries.
• Ports, Protocols, Services Management.
• Processes required to achieve and maintain all Authority to Operate (ATO) Interim Authority to Test (IATT) approvals.
• Reporting on Federal Information Security Management Act (FISMA).
• Management and oversight for Security Technical Implementation Guide (STIG) /Information Assurance Vulnerability Alert (IAVA) compliance.
• Compliance and management of Security Incident Response Cyber Security Service Provider (CSSP).
• Scanning and compliance activities associated with Assured Compliance Assessment Solution (ACAS).
• Review and compliance activities associate with Continuous Monitoring and Risk Scoring / RMF.
• Support the Creation and Management of system profiles, plans and scorecards within eMass, as well as the creation and management of all artifacts tied to security controls within eMass.

Requirements

• Bachelor's degree in related field or equivalent relevant experience.
• Active DoD 8570 IA baseline security certification for IAT Level II (e.g. Security+ CE, CISSP).
• Experience with DoD RMF, DIACAP or NIST Risk Management Framework (RMF).
• Experience with information assurance including accreditation and security testing as well as evaluation, implementation, and execution of security engineering practices in the Systems and Software Development Life Cycle (SDLC) process.
• Knowledge of technical DoD, IC, and national level system security initiatives supporting Local Area Network (LAN), Wide Area Network (WAN), Cross Domain Solutions (CDS), and Cloud technologies, providing subject matter expertise in overcoming technical obstacles and questions.
• Knowledge of several of the following areas is required: Understanding of business security practices and procedures; current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, and current lab infrastructure technology.
• Knowledge of Computer Network Defense (CND) policies, procedures, and regulations
• Knowledge of boundary protection and enclaving
• Knowledge of security tools and systems including ACAS, Nessus, Splunk, etc.
• Ability to support Cybersecurity reviews, including generation of security artifacts, such as security plans, POA M, and security CONOPS.
• Knowledge of ITIL processes desired.
• Must be able to work on-site in Pensacola

Experience:

• 3-5 years Risk Management Framework (Required) andInformation System Security Officer (ISSO) or Manager (ISSM)
• Previous role supporting RMF or FedRamp accreditation processes

Preferred

• AWS
• Experience with HBSS.

Clearance Requirements:

• The selected candidate must have an active Secret clearance with the ability to obtain a Top Secret clearance.
• US Citizenship is Required.

**COVID-19 Vaccination Requirement Statement

The COVID-19 vaccination requirement in Executive Order 14042 and FAR 52.223-99 is currently not effective. But please note that if those or other related requirements become effective, positions will require successful candidates to obtain and show proof of COVID-19 vaccination(s). ASRC Federal is an equal opportunity employer and will provide reasonable accommodation to those individuals who are unable to be vaccinated consistent with federal, state, and local law.

EEO Statement

ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.