Information Assurance Compliance Specialist II

Jobs via Dice
US - Pennsylvania - Philadelphia

  • Job Type: Full time
  • Just Posted

Job Description

Overview

Information Assurance Compliance Specialist II

Location: Philadelphia, PA

Salary Range $90,000 to $100,000 per year

Kiakahi LLC is looking for an experienced Information Assurance Compliance Specialist II to join its team.

Assess & Authorize (A&A) and Assess Only (AO) Support:

Collect and collate system or site information and evaluate/document in eMASS the security posture of systems being assessed, authorized, and maintained
Develop, submit, and maintain RMF packages in accordance with DoD Instruction 8510.01, NAVSEA business rules, DON RMF process guides, and NAVSEA SOPs
Develop RMF package documentation including AO determination request packages, system PIT determinations, categorization forms, HW/SW lists, authorization boundary diagrams, defense in depth diagrams, PPSM lists, PIAs, security plans, POA&Ms, SAPs, STIGs, SARs, RARs, and security authorization packages
Develop or revise policies, plans, and strategy documents to meet RMF control family requirements including incident response plans, contingency plans, IAVM plans, configuration management plans, and physical security plans

Risk and Vulnerability Assessment:

Conduct risk and vulnerability assessments of planned and installed systems to identify vulnerabilities, risks, and protection needs
Conduct systems security evaluations, audits, and reviews
Determine residual risk of packages based on content and assessment results for Security Controls Assessor (SCA) review

Security Assessment and Testing:

Execute Security Assessment Plans (SAPs) by conducting on-site testing for afloat and PIT ashore systems
Execute STIGs, SRGs, ACAS scanning, and apply patches to obtain cybersecurity compliance and remediate vulnerabilities
Develop and maintain POA&Ms in eMASS for all IA-related tasks and deliverables

Monitoring and Analysis:

Perform analysis of logs, events, and reporting of data collection tools including ACAS, HBSS, web content filters, SIEM, firewall systems, network devices, server devices, workstations, and IDS/IPS
Assess impacts from observed risks and report via the cybersecurity program chain of command
Conduct systems security reviews, audits, or evaluations to ensure accreditation documents are accurate

RMF Continuous Monitoring Support:

Develop and update all required eMASS documents including POA&Ms, RARs, and DISA STIGs at specified frequencies
Determine system compliance with all applicable controls and assessment procedures for DON systems
Ensure RMF artifacts comply with Navy/NAVSEA business rules, NIST SP 800-37, and SP 800-53 Rev 4

Additional Duties:

Perform evaluation of system administrator, security engineer, and system owner proposed corrections to ensure compliance
Present and submit data to management, develop reports, and produce procedural documentation
Manage, attend, and support Configuration Control Board practices
Track deliverables and action items in accordance with A&A guidance
Support cybersecurity technical writing as required

Tools and Systems

Proficiency required in:

Enterprise Mission Assurance Support Service (eMASS) - both unclassified and classified
Assured Compliance Assessment Solution (ACAS)
DISA STIG Viewer / eMASSTer
Security Content Automation Protocol (SCAP) tools
Microsoft Visio
Vulnerability Remediation Asset Manager (VRAM)
Host Based Security Systems (HBSS)
Security Information and Event Management (SIEM) tools

Applicable Standards and References

DoD Instruction 8510.01 (Risk Management Framework for DoD IT)
DON RMF Process Guide
NAVSEA Business Rules
NIST SP 800-37 and SP 800-53 Rev 4
DoD 8570.01-M (Information Assurance Workforce Improvement Program)
NAVSEAINST 9400.2A

Requirements

Education:

Bachelor's degree in Computer Science, Information Technology, or a related technical degree from an accredited college or university.

Experience:

Minimum: Three (3) years of professional experience in information assurance compliance

Target: Four (4) years of professional experience in information assurance compliance

Certifications: IAM Level 2 certification required. Acceptable certifications include one of the following:

CAP (Certified Authorization Professional)

CASP+ CE

CISM (Certified Information Security Manager)

CISSP or CISSP Associate

GSLC (GIAC Security Leadership Certification)

CCISO

HCISPP

Operating System/Computing Environment (OS/CE) qualification as directed by Privileged Access Agreement and DFARS requirements

Continuing Professional Education (CPE) as required by certification

Security Clearance

Active Secret security clearance

Physical Requirements

Work may involve sitting or standing for extended periods of time. Position may require typing and reading from a computer screen. Must have sufficient mobility, including but not limited to bending, reaching, and kneeling to complete daily duties in a timely and efficient manner. May include lifting weight up to thirty (30) pounds as necessary.

Benefits

Medical, dental, vision, disability, and life insurance

Flexible Spending Accounts

401(k)

PTO

Professional Development

Paid federal holidays

Paid Parental Leave

Company Summary

Headquartered in San Diego, CA, Kiakahi LLC is a Native Hawaiian Organization (NHO) owned SBA Small Disadvantaged Business specializing in global information technology and offering professional solutions in IT Design & Installation, Cybersecurity Engineering & Support, Application Integration & Development, Software & Hardware Engineering, Network & Systems Management, Information Systems Security, and Business Management Services.

Leveraging over 30 years of providing IT services to the federal & commercial market with projects located around the world, our team possesses innovative expertise in the development of a wide range of technology solutions. Kiakahi, LLC is an equal opportunity employer.

Our service commitment is simply to become - "Your Supreme Partner for Success."

Kiakahi LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all-encompassing. Position functions and qualifications may vary depending on business needs.

Kiakahi LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics.

Posted Salary Range

USD $90,000.00 - USD $100,000.00 /Yr.



