Information Assurance Compliance Analyst 3
Role details
Job location
Tech stack
Job description
Oversee, evaluate, and support documentation, validation and accreditation processes necessary to assure that new information technology (IT) systems meet the organization's information assurance (IA) and security requirements. Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
Due to federal contract requirements, United States Citizenship and position appropriate security clearance is required. (e.g. Active TS/SCI security clearance with customer appropriate polygraph).
Capabilities:
- Verify documentation and databases to ensure device inventory information, serial numbers, IP addresses, device physical and logical locations, cable information, rack elevation diagrams, and architectural diagrams are accurate
- Support Authorization and Accreditation processes for NSA boundaries
- Support all phases of the Risk Management Framework (RMF)
- Lead and document maintenance of system security postures, patching, compliance with Security Technical Implementation Guides (STIG), and ensure the maintenance of the Authority to Operate
- Ensure all cyber security issues are identified and promptly resolved
- Maintain the security posture of applications and infrastructure considering Information Assurance Vulnerability Alerts (IAVA) and Cyber security Task orders (CTOs)
- Perform a monthly review of security scans of all NSA boundary applications/assets that are provided by the IAVA scanning team
- Provide a comprehensive Risk Management Plan to address, identify, assess and provide prioritization of risks
- Conduct Command Cyber Readiness Inspection (CCRI) to include Preparation, Review, Continual Improvement, and CCRI Site Assist Visit
- Identify, report, and resolve security violations
- Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory and resource demands
- Perform vulnerability/risk analysis of computer systems and applications during all phases of the system development life cycle, Annual Compensation Figures listed for this position serve as a general guideline and are not a guarantee of compensation. Compensation will vary dependent upon factors including but not limited to: Government contract rates; annual hours worked; education; relevant prior work experience, knowledge, skills, and competencies; certifications, and geographic location.
Benefits Package: Itezz Inc. believes in generously supporting employees as they prepare for retirement. The company automatically contributes an additional 10% of each employee's gross compensation to the company SEP IRA plan, with no requirement for employee matching. All contributions are fully vested from day one, ensuring immediate ownership of retirement funds.
Full-time employees have the option to participate in a variety of voluntary benefit plans including:
- A Choice of CareFirst BlueChoice Medical Plans, some with Health Savings Account (HSA)
- CareFirst Preferred Dental
- CareFirst BlueVision
Requirements
- TS/SCI with Agency Appropriate Polygraph
- Five (5) years experience working as an Information Assurance Analyst for an information technology, information assurance, or information management program.
- Bachelor's degree in cyber security, computer science, management information systems or related IT field.
- A Master's degree in cyber security, computer science, management information systems or related IT field may be substituted for two (2) years of experience, reducing the requirement to three (3) years of experience.
- CompTIA CISSP certification
- An additional certification in one (1) of the following:
- CompTIA Security+ CE,
- Global Information Assurance Certification (GIAC) Security Essentials Certification (GSEC)
- ISC2 Systems Security Certified Practitioner (SSCP)
- Cisco Certified Network Associate (CCNA) Security
