Information Assurance and Security Specialist
Greenbelt, MD

Job Description

Requisition ID: 45056

All Locations: Greenbelt, MD (Maryland)

A trusted partner. A national resource. A leader in national security space. We are THE Aerospace Corporation. A team that takes pride in our readiness to solve some of the most complex technical challenges in existence. With challenges spanning government to commercial, you'll have the unique opportunity to work on projects that are literally evolving our nation's space and launch capabilities. We all share a common passion and aspiration - to serve a mission much bigger than ourselves. When you join our team, you'll be part of a rare collection of thought leaders and game-changing innovators. Are you ready to launch your career?

Responsibilities

SUMMARY OF RESPONSIBILITIES

The Information Assurance and Security Specialist will be responsible for the planning of information security and coordination of various privacy policies, compliance artifacts and standards supporting DoD RMF framework. The Specialist will assist with the day-to-day interpretation, implementation, enforcement, and execution of the NISPOM while administering the documentation, testing, validation, and accreditation processes necessary to ensure systems meet security and privacy RMF requirements. Conduct formal assessment and authorization documentation, and testing for both legacy and new systems in accordance with all DoD security requirements. Selected candidate will be responsible for supporting multiple security- and safety-related functions, within the Security & Safety Directorate. Candidate must possess an in-depth knowledge of applicable U.S. government security regulations. Candidate will be on call to respond to emergencies 24 hours per day, 7 days a week.

Demonstrates behavior that is consistent with the company's values of Dedication to Mission Success, Technical Excellence, Commitment to Our People, Integrity and Objectivity.

Key Functions

* Provide support regarding DoD RMF assessment and authorization (A&A) processes and matters
* Maintains information and data regarding end-user issues within the tracking system and according to policies and standards
* Perform vulnerability scans, conduct risk assessments, and implementation of vulnerability assessments
* Reviews, develops, and implements security plans for existing and new computer assets
* Experience in running Security Content Automation Protocol (SCAP) or Nessus, compliance and hardening tools on systems, to provide risk input to the ISSM
* Coordinates and performs information security inspections, tests, and reviews
* Supports the implementation and development of an organizations' IT security program
* Ensures security policies, standards and procedures are established and enforced
* Trains and briefs employees on the IS systems. Ensures users have appropriate security clearance and access to information
* Verify that applicable security measures identified by the IA Vulnerability Management (IAVM) program are applied
* Understand classification management, classified document control, and classified media control
* Submit and track accreditation packages, to include annual reviews of accredited networks/systems
* Knowledge of techniques to perform clearing, purging, declassifying, and releasing of system memory, media, and output
* Conduct evaluation and analysis of software/hardware intended for use on the secured IT assets
* Conducts hardware and software implementations
* Investigates and reports IS security incidents. Ensures proper protection or corrective measures have been taken.
* Provide initial IA briefings and annual reindoctrinations as appropriate
* Provide incident response by investigating and reporting classified messaging incidents
* Monitor mitigation and remediation progress; draft and update Plans of Action and Milestones (POA&Ms)
* Conduct auditing and hardware tracking
* Perform information system security inspections, tests, and reviews
* Ensure security policies, standards, and procedures are enforced
* Create and maintain System Security Plan (SSP) and related documentation per IT asset
* Complete DoD self-inspections and audits/assessments
* Conducts investigations of known or suspected security infractions/violations
* Input visit requests into JPAS
* Conduct eQIP, initial and periodic reinvestigation
* Properly destroy classified materials as required
* Assist with constructing Security Newsletter
* Processes foreign visit and foreign travel requests
* Manage the COMSEC materials
* Assist with compliance of DD254 contracts
* Provides technical support for alarms and systems
* Support and travel to regional offices
* Other duties as assigned

Qualifications

Level 3 Requirements:

* 3 or more years of Information Assurance experience with Associate's Degree OR 5 or more years of Information Assurance experience with High School Diploma (or equivalent).
* Experience with National Industrial Security Program Operating Manual (NISPOM), and Risk Management Framework (RMF)
* DoD 8570 IAM level Certification
* Experience with Security Technical Implementation Guides (STIGs), and the ability to justify the technical need for applying each setting
* Experience with the assessment and authorization (A&A) process and ability to ensure assets reach full accreditation
* Experience applying technical solutions from NIST 800-53 controls as dictated by the RMF
* Proficiency with MS Office suite
* Strong attention to detail
* This position requires an active U.S. government security clearance. U.S. citizenship is required to obtain a security clearance.

Level 4 Requirements:

* 6 or more years of Information Assurance experience with Associate's Degree OR 8 or more years of Information Assurance experience with High School Diploma (or equivalent).
* Experience with National Industrial Security Program Operating Manual (NISPOM), and Risk Management Framework (RMF)
* DoD 8570 IAM level Certification
* Experience with Security Technical Implementation Guides (STIGs), and the ability to justify the technical need for applying each setting
* Experience with the assessment and authorization (A&A) process and ability to ensure assets reach full accreditation
* Experience applying technical solutions from NIST 800-53 controls as dictated by the RMF
* Proficiency with MS Office suite
* Strong attention to detail
* This position requires an active U.S. government security clearance. U.S. citizenship is required to obtain a security clearance.

PREFERRED QUALIFICATIONS:

* Bachelor's degree in related discipline
* CompTIA, A+
* CompTIA, Network+
* CompTIA, Security+
* Certified Information Systems Security Professional (CISSP)
* JPAS/JCAVS certification from CDSE
* Essentials of Industrial Security Management training
* Protecting Classified Information certification

PHYSICAL REQUIREMENTS/WORK ENVIRONMENTS:

* Ability to sit or stand for extended periods of time.
* Ability to use and lift a computer to complete activities.
* Ability to communicate with individuals and groups in person, by phone and telepresence.
* While performing the duties of this job, the employee will typically work in an office environment.

Transcript Requirement

None