Req ID: 32366
Summary
Information Assurance Officer
Alexandria, VA
Chenega IT Enterprise Services (CITES) offers forward-thinking technology solutions to federal agencies and the DoD. Formed in 2016 to serve federal customers CONUS, CITES has grown quickly into a best practices leader for the modern federal enterprise.
Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer’s core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level!
The Information Assurance Officer (IA Officer/ISSO) supports the AGC Information System Security Manager (ISSM) with Assessment and Authorization and Access Only activities following DoDI 8510.01 and NETCOM Tactics, Techniques, and Procedures (TTP) for Risk Management Framework (RMF) processes. The Information Assurance Officer (IA Officer/ISSO) collaborates closely with the cross-functional team comprised of cybersecurity, system administrators, and desktop support to perform and report on continuous monitoring, vulnerability management scanning, patching, analysis; review, maintenance, and update eMASS records for document updates, security controls, POAM milestones, and compliance, ensure application of DISA quarterly STIG releases and STIG results analysis.
Responsibilities
Report on and perform continuous monitoring on all AGC-supported systems and networks; identify, mitigate, and resolve cyber security incident issues and concerns
Develop guidelines, plans, analyses, reviews, and mitigations in the areas of security incident response and mitigation strategies, vulnerability scanning, writing security assessments, and other cybersecurity-related activities and mandates
Respond to all cyber security notices as directed by the Cyber Security Service Provider (CSSP) and pertinent service providers, take action to comply with security notices and record compliance
Provide technical support, including documentation, to enable required AGC systems to meet the requirements of receiving an Authority to Operate (ATO) accreditation decision via the Department of Defense (DoD) Risk Management Framework (RMF)
Support operational cybersecurity activities, including vulnerability scanning, IAVM compliance, STIG and SRG application, assessment, and remediation, and POA&Ms
Support cybersecurity governance, risk, and compliance by providing plans, policies, and procedures relevant to AGC’s systems, applications, and networks, including AGC GovCloud (L2), and other accredited systems and applications
Maintain AGC’s Tenant Security Plans (TSP) for SIPR and NIPR, Authority to Operate (ATO) for JWICS and Interim Authority to Test (IATT), Approval to Connect (ATC), and any other documentation necessary to support AGC’s network connections and mission systems
Manage the eMASS records for AGC’s mission systems and enclaves, create and track POA&Ms, track IAVM and STIG compliance, and manage eMASS artifacts necessary to support evidence for applicable security controls
Support RMF activities, including categorization of systems IAW NIST SP 800-60, selection of security controls IAW CNSSI 1253 and NIST SP 800-53, assessment of security controls IAW NIST SP 800-53A, development and implementation of Continuous Monitoring Plans IAW NIST SP800-137, STIG Traceability Matrix, hardware/software/firmware list, and System Security Plan (SSP)
Participate in the configuration process through representation on the Technical Review Board (TRB) and Configuration Control Board (CCB) and provide a security impact assessment for changes submitted through Request for Change (RFCs)
Responsible for the reporting and analysis of continuous monitoring of AGC’s systems, applications, and networks
Configure vulnerability scanning, analyze results, and close or mitigate findings
Organize the assessment of AGC GISO IT assets using applicable STIGs, SRGs, and/or vendor supply hardening guidelines
Responsible for configuring AGC GISO IT assets for vulnerability scanning and ensuring 100% coverage using credentialed scans
Coordinate with RNEC-NCR, C5ISR, and GISA as necessary to ensure vulnerability assessment tools are in place and working properly
Analyze vulnerability scan results and resolve open findings; for findings that cannot be closed, create a POA&M, and recommend mitigation(s) to lessen the impact of the vulnerability; submit Operational Impact Statements (OIS) for Critical and High IAVAs
Support response procedures for cybersecurity incidents, like breaches, spillage, and insider threat actions
Maintain all cybersecurity documentation required for accreditation for AGC’s GISO assets, including but not limited to architecture diagrams, boundary diagrams, data flow diagrams, ports, protocols, services exception requests, PKI certifications, IA metrics, and Privacy Impact Assessments (PIA) in the requisite cybersecurity document repository and eMASS
Provide input to the weekly and monthly status report covering technical activities for this functional area, including priorities, tasks, accreditation due dates and schedules, POAM status, metrics, continuous monitoring tasks, et al
Other duties as assigned
How you’ll grow
At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn.
We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers.
Benefits
At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits.
Learn more about what working at Chenega MIOS can mean for you.
Chenega MIOS’s culture
Our positive and supportive culture encourages our team members to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them be healthy, centered, confident, and aware. We offer well-being programs and continuously look for new ways to maintain a culture where we excel and lead healthy, happy lives.
Corporate citizenship
Chenega MIOS is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our team members, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.
Learn more about Chenega’s impact on the world.
Chenega MIOS News- https://chenegamios.com/news/
Tips from your Talent Acquisition Team
We want job seekers exploring opportunities at Chenega MIOS to feel prepared and confident. To help you with your research, we suggest you review the following links:
Chenega MIOS web site - www.chenegamios.com
Glassdoor - https://www.glassdoor.com/Overview/Working-at-Chenega-MIOS-EI_IE369514.11,23.htm
LinkedIn - https://www.linkedin.com/company/1472684/
Facebook - https://www.facebook.com/chenegamios/
#Chenega IT Enterprise Services, LLC
Chenega Corporation and family of companies is an EOE.
Equal Opportunity Employer/Veterans/Disabled
Native preference under PL 93-638.
We participate in the E-Verify Employment Verification Program