Information Assurance Analyst
The candidate shall assist in the accreditation of developed software and systems. The Candidate shall perform testing and analysis of IA controls and secure configuration using the Assured Compliance Assessment Solution (ACAS), DISA STIG, STIG viewer, and SCAP Compliance Checker, the DIACAP, and other tools. The candidate shall make preparations for Command Cyber Readiness Inspections (CCRI), Cyber Security Inspections (CSI), and other network inspections by developing documents such as standard operating procedures (SOP) and Visio diagrams.
The Candidate shall provide support in the identification and analysis of the system concept and the identification of the operational and functional requirements of new, developing and existing systems in order to develop the system security approach which includes defining security environments, potential threats, vulnerabilities, safeguards, security performance indicators and risk factors. The Candidate shall identify alternative operational or performance approaches and security measures and compare alternatives by applying decision criteria. The Candidate shall conduct and evaluate threat, vulnerability and risk analysis of developing systems. The Candidate shall document results of analysis and recommend corrective action, contingencies and other issues appropriate to each specific analysis. The Candidate shall enter systems and Lab Packages into IATS or EMASS for processing by Authorizing Official Designated Representative (AODR) and/or ODAA.
Experience with EMASS, Ports/Protocols/Services exceptions, and configuration control boards (CCBs) is a plus.
Minimum Requirements (from Personnel Qualifications):
1) Degree in (STEM), or an Information Technology (IT) related field AND two (2) years of relevant work experience, OR Associate's Degree in an Information Technology (IT) related field AND four (4) years of relevant work experience, OR High School Diploma or equivalent AND six (6) years of relevant work experience.
2) Commercial certification meeting or exceeding DoD 8570.01M requirements for IAM-1 (ex. CompTIA Security+)
3) Two (2) years of demonstrated experience in ALL of the following: a. DIACAP or RMF
b. IDS, Firewalls, DISA STIGs, vulnerability scanning tools (NESSUS)
4) Demonstrated knowledge of DIACAP (for GENSER systems), National Institute of Standards & Technology (NIST) SP 800-53 (for Unclassified systems), Department of Defense Instruction (DoDI) 8510.01 – DIACAP.
If they are an FQNV then we would increase the salary because we would place them in a SR IA analyst role.
Apex is an Equal Employment Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178