Position Title: Information Security Engineer Journeyman
Work Location: Fort Lee - Petersburg, VA
IASAE Level II positions are responsible for the design, development, implementation, and/or integration of a DoD IA architecture, system, or system component for use within the Network Environment (NE). Incumbents ensure that IA related IS will be functional and secure within the Network Environment and consequently the System of Systems environment. DoD 8570.01-M spells out the tasks and duties in detail and the DFARS stipulates compliance with the DoD 8570.01-M. Must have a working knowledge of the functions spelled out in Table C10.T5. IASAE Level II Functions in DoD 8570.01-M.
- Provide support that meets the requirements in DoDD01, Cyberspace Workforce Management, DoD 8570.01- M, Information Assurance Training, Certification, and Workforce Management, AR 25-2, Information Assurance, when published AR 25-2, Cybersecurity, and associated Army Best Business Practice for Information Assurance Training, 05-PR-M-0002, as well as advanced software assurance services for the supported systems in this Task Order. Additionally, supporting personnel that will have privileged level system or network access shall meet the DODI 8500.2 Investigative Level requirements for Testing, i.e., Single Scope Background Investigation.
- Provide and maintain the Cybersecurity posture for the supported system and its components
- Develop and administer security training IAW DoD requirements, and shall support, monitor, and report security posture for all CECOM SEC customers computers, electronic and non-electronic data
- Perform and document information system security control test for the supported system. IS Security Control Test identify the security posture of the system and ensure that fixes made address issues identified in the current Plan of Actions & Milestones (POA&M) and other compliance reports. IS Security Control Tests include Assured Compliance Assessment Solution (ACAS) scans, Security Content Automation Protocol (SCAP), HP Fortify, verification with automated Security Technical Implementation Guides (STIGs) benchmarks, manual review of system STIG compliance, and review of system operating procedure compliance with Information Assurance (IA) control requirements. Annual test based on Federal Information System Management (FISMA) requirements. Documentation includes system configuration, compliance scans, cybersecurity reports and submission into eMASS.
- Provide input to the Government designated Information Assurance Program Manager (IAPM)/ Information System Security Manager (ISSM) to update the POA&M with findings from Information System (IS) Security Control Tests for the supported system based on incidents and inspections for the supported system.
- Strong people skills as well as good verbal and written communication skills and have a history of success with customer facing environments.
- Ability to organize, prioritize and meet deadlines
- Capable of conveying complex information in a simplistic manner
- Strong critical thinking and problem-solving skills
- Strong self-starter requiring minimal supervision
- Able to take proactive measures to prevent problems rather than reactive by nature
- Strong verbal and written communication to effectively express concepts, plans, and proposals
- Must be a U.S. Citizen
- Bachelor's Degree in Computer Science, or other Engineering or Technical discipline with an Information Security or Cyber Security concentration
- Relevant work experience and training may be considered in lieu of a degree.
- Minimum Years of Relevant Experience: 9 years within the last 15 years
- Seven years of professional experience, appropriate computing environment certification, and IA WORKFORCE SYSTEM ARCHITECT AND ENGINEER (IASAE) SPECIALTY qualified in accordance with standards spelled out in DoD 8570.01-M and the Army Information Assurance(IA) Training and Certification Best Business Practice, corrected 6 Aug 2010. Experience can substitute for the degree provided the person has BOTH the relevant experience AND is fully Information Assurance (IA) certified in accordance with AR 25-2, Information Assurance, and the associated best business practice for IA Training and certification (IA Training BBP).
- Must be a U.S. Citizen
- Must possess and maintain an IT-I level certification IAW AR 25-2 and IAT-II/IAM-II certifications IAW DoD 8570.01-M
Work may involve sitting or standing for extended periods of time. Position may require typing and reading from a computer screen. Must have sufficient mobility, including but not limited to bending, reaching, and kneeling to complete daily duties in a timely and efficient manner. May include lifting weigh up to thirty (30) pounds as necessary.
Position requires a Secret clearance
KaiHonua LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Positions functions and qualifications may vary depending on business needs.
KaiHonua LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics.