Millennium Corporation

  • Sr. Information Assurance Engineer (ISSO)

    Job Locations US-MD-Aberdeen
    Posted Date 3 days ago(2/15/2019 9:22 AM)
    Job ID
    2019-1251
  • Overview

    Millennium Corporation is seeking a Sr. Information Assurance Engineer to support a contract in Aberdeen, MD. Candidate must have an active TS/SCI Clearance. 

    Responsibilities

    The Information Assurance Engineer will be responsible for accreditations on a family of system program, DCGS-A.  Specifically, the IA SME is responsible for gathering information necessary to validate system security accreditations, compliance, FISMA reviews, and ensure RMF compliance.  The IA engineer will define, create and maintain the required IA documentation for each system requiring accreditation at the NIPR, SIPR, and TS levels and the associated POAMs.   Furthermore, the IA SME will assess the impacts of system modifications, upgrades, and new systems coming on board that need accreditation.   

     

    Responsibilities

    • Coordinates all Accreditation and Authorization packages for Cross Domain Solutions with the appropriate agency/stakeholders
    • Writes comprehensive security analysis reports including assessment-based findings, outcomes and enter this data into DoD Information Assurance Management data bases for evaluation by Authorizing Officials to support the receipt of a Authority to Operate (ATO) for the systems.
    • Describes, tests and validates security measures active on security infrastructure devices for the protection of computer systems, networks and information system 
    • Identifies and defines system security requirements and correlates/documents them by analysis of organizational standard security operating procedures (SOP) and protocols.
    • Determines security violations and inefficiencies through security tests, evaluations and audits.
    • Describes system security architectures and provides detailed descriptions for the security components of information systems.
    • Recommends technical solutions and new security tools to mitigate identified or potential security vulnerabilities.
    • Recommends techniques to protect system by defining access privileges, control structures, and resources required to implement these structures.
    • Achieves system security operational objectives by contributing guidance and recommendations to program/project leadership.  
    • Recommends improvements by assessing current security implementations and anticipating new security requirements.
    • Maintains system security by implementing and maintaining security controls.

     

    Qualifications

    Must Haves: 

    • Active TS/SCI Clearance
    • 10 years of Information Assurance experience &  bachelor's degree in computer science, mathematics, engineering and 10 years of experience.  
    • Must be 8570 compliant - CISSP, CISM, CAP, or ISSEP
    • Experience working on eMASS.
    • Experience working on NSANET and JWIXs
    • Experience in testing and describing system security implementations for Ports, Protocols, & Service Management (PPSM) 
    • Experience working with DIARMF and NISCAP accreditation processes, and NIST standards
    • Extensive technical knowledge of database and operating system security
    • Awareness of the capabilities of or direct experience with system security tools, including but not limited to firewalls, intrusion detection systems, anti-virus software, access validation systems, identification & authentication systems, audit log management, content filtering, information flow enforcement, and incident response procedures.
    • Experience documenting systems and building a body of evidence in XACTA
    • Experience with network technologies and with system, security, and network monitoring tools
    • Thorough understanding of the latest security controls, testing techniques, and implementation of these controls
    • Information Security Policies (ICD 503, RMF, CNSSI 1253, and NIST SP 800 Series

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed