Information Assurance Compliance II with Security Clearance

Work Status: Full-Time Location: Philadelphia, PA Security Clearance: Secret Requisition Number: CU-IAC-II-001 Job Summary: The Information Assurance Compliance II will support efforts to integrate new technology with IT security standards, technical writing, governance, and policy development/ management required to develop, evaluate Information Assurance Assessment and Authorization (A&A) for servers and systems, and validation for systems. Responsibilities: Provide DoD Information Assurance Certification & Accreditation Process (DIACAP) and Risk Management Framework (RMF) services. Perform validation of A&A packages and artifacts; implementation of security postures. Follow the most current applicable documents including: DON RMF Process Guide, DoD Instruction 8510.01, and the business rules of cognizant review offices for each package. Perform A&A Validation including their associated validation test procedures; associated validation artifact; validation plan and procedures; compliance status; validation tests; validation results/report and supporting documentation. Validate the confidentiality, integrity, and availability of systems, networks, and data in accordance with information systems programs, policies, procedures and goals. Develop procedures to ensure information systems reliability and accessibility; prevent and defend against unauthorized systems, network and data. Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks protection needs; conduct systems security evaluation, audits, and reviews; determine the residual risk of a package based on content and assessment results and documenting for the Security Controls Assessor's (SCA) and higher-level review. Conduct systems security reviews, audits, or evaluations, as appropriate, to ensure accreditation documents are accurate in the current risk posture of the system. Interpret and implement local information security and higher-level policies and procedures to ensure networks and information systems are reliable, accessible and protected against unauthorized access. Requirements: Five years of practical experience in a cybersecurity or assessment and authorization (A&A) related field. Experience should include implementing and/or reviewing RMF and A&A lifecycle documentation in accordance with DON, DoD, NIST SP-800-37, and SP-800-53 Rev 4 policies; ensuring/validating the confidentiality, integrity, and availability of systems, networks, and information; and conducting risk and vulnerability reviews and assessments to ensure accreditation procedures were followed, and documenting non-compliance. CAP, GSLC, Security+ CE. Bachelor's degree in computer science, information technology, or an equivalent technical degree from an accredited college or university.