What are the responsibilities and job description for the Information Assurance Engineer IV-Lead position at Jobs via Dice?
Overview
Job Summary
KaiHonua, LLC has an immediate opening for an Information Assurance (IA) Engineer to join our rapidly growing team. IA Engineer applies IT security principles, methods, and security products to protect and maintain the availability, integrity, confidentiality, and accountability of information system resources and processed information; plans, implements, and manages a Defense In Depth for the total network and/or enclaves within the network; identifies and analyzes threats and vulnerabilities to the information systems to maintain protection, accomplish risk analysis, security testing, and certification due to modifications or changes, completes computer security plans, and enforces mandatory access control techniques; manages a network security program, reporting all incidents promptly and providing corrective action to prevent further incidents; implements guidance to ensure the protection of Internet information, reduces the risks associated with automated processing of information and data, and trains all personnel in IT security awareness, as required.
Responsibilities: (Not listed in order of importance; other duties may be assigned) and must be able to perform the following with minimal guidance:
Work with system owners to close IAVMs/ICVMs and open Plan of Action and Milestones (POA&Ms) in a rapid fashion, in accordance with DoD instructions/directives. Review all POA&MS with the Program Manager on at least a quarterly basis and update the POA&Ms accordingly.
Provide Defense in Depth principles and technology in security engineering designs and implementation
Analyze existing and future systems, reviewing security architectures, and developing engineering solutions that integrate information security requirements to proactively manage information protection
Apply security risk assessment methodology to system development, including assessing and auditing network penetration testing, antivirus deployment, risk analysis
Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis
Plan, implement, and manage a Defense In Depth for the total network and/or enclaves within the network to include such items as: scanning, remediation, host and network intrusion detection/prevention, firewalls, proxy servers, web cache, virus programs, vulnerability scanning, content filtering, remote dial in protection, Host Based Security Services, Directory Services, and Certification and Accreditation, DoD Instruction 5200.40, accreditation guidance and advice IAW AR 25-2 and IA Best Business Practices (BBPs). Plan, respond, investigate, and report undisclosed classified incident remediatio
Requirements
Requirements:
Assess and mitigate system security threats/risks throughout the program life cycle
Validate system security requirements definition and analysis and review/approve System Security Plans for enterprise-wide architectures
Maintain Agency public key infrastructure system Implement security designs in hardware, software, data and procedures
Provide support for the Department of Defense (DoD) Public Key Infrastructure (PKI) service.
Responsible for requesting, receiving, installation, and accountability of system (server) PKI certificates and providing technical support for PKI.
Provide communications security (COMSEC) rekeying support within normal business hours or on-call, as required. Prepare and maintain secure communications devices and crypto keys. Provide Certification and Accreditation, as well as provide Automated Information System Accreditation support
Provide Security Risk Assessment. Perform risk analysis of resources, controls, vulnerabilities, impact of losing systems' capabilities and threats to the mission objective; provide analysis to facilitate decisions to implement security countermeasures or mitigate risk; implement countermeasures; periodically review program. Recognize possible threats and review evaluations for compliance and non-compliance.
Requirements/Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education / Experience / Certifications
Bachelor's Degree in Computer Science, Cybersecurity, Computer Engineering, or related discipline. Comparable experience in lieu of degree may be considered.
7 years of experience performing Information Assurance functions and using RMF IT security controls and policies preferred
Must possess and maintain an IT I level certification IAW AR 25-2 and IAT-II certification IAW DoD 8570.01-M
Knowledge:
A track record of progressively responsible information assurance experience in one or more of the following information security areas: certification and accreditation, IA system evaluations, system security penetration testing, and IA security operations/network monitoring, Intrusion Detection Systems, Intrusion Prevention Systems, Security Information Management/Security Event Management, network mapping, vulnerability scanners, firewalls, routers and other security tools
Candidate must have at least 3 years of experience in the IT industry, and be familiar with the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3 or 4, and 800-53A Revision 1.
Experience and basic knowledge of networking components and various operating systems in a cloud environment, including UNIX and Microsoft is a plus.
Expertise in other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements is a plus
Working knowledge of public key infrastructure and encryption systems
Experience working on an information security incident response team
Familiarity with Security Technical Implementation Guides (STIG) and system security processes.
Experience working in CMMI Level 3 (or higher) environments is a plus
Abilities:
Ability to organize, prioritize and meet deadlines
Capable of conveying complex information in a simplistic manner
Strong critical thinking and problem-solving skills
Strong self-starter requiring minimal supervision
Able to take proactive measures to prevent problems rather than reactive by nature
Strong verbal and written communication to effectively express concepts, plans, and proposals
Physical Requirements
Work may involve sitting or standing for extended periods of time. Position may require typing and reading from a computer screen. Must have sufficient mobility, including but not limited to bending, reaching, and kneeling to complete daily duties in a timely and efficient manner. May include lifting weight up to thirty (30) pounds as necessary.
A valid driver's license with a clean driving record may be required
Occasional use of company vehicle while on work site
Benefits
Medical, dental, vision, disability, and life insurance
Flexible Spending Accounts
401(k)
PTO
Tuition reimbursement
Paid federal holidays
Security Clearance
Position requires a DoD Secret security clearance.
Company Summary
Headquartered in Hawaii, KaiHonua, LLC is a Native Hawaiian Organization (NHO) owned SBA Small Disadvantaged Business specializing in global information technology and offering professional solutions in IT Design & Installation, Cybersecurity Engineering & Support, Application Integration & Development, Software & Hardware Engineering, Network & Systems Management, Information Systems Security, and Business Management Services.
Leveraging over 30 years of providing IT services to the federal & commercial market with projects located around the world, our team possesses innovative expertise in the development of a wide range of technology solutions. KaiHonua, LLC is an equal opportunity employer.
Our service commitment is simple - "Quality IT Solutions... On Time & On Budget."
KaiHonua, LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Position functions and qualifications may vary depending on business needs.
KaiHonua, LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics.
Posted Salary Range
USD $110,000.00 - USD $128,000.00 /Yr.
Job Summary
KaiHonua, LLC has an immediate opening for an Information Assurance (IA) Engineer to join our rapidly growing team. IA Engineer applies IT security principles, methods, and security products to protect and maintain the availability, integrity, confidentiality, and accountability of information system resources and processed information; plans, implements, and manages a Defense In Depth for the total network and/or enclaves within the network; identifies and analyzes threats and vulnerabilities to the information systems to maintain protection, accomplish risk analysis, security testing, and certification due to modifications or changes, completes computer security plans, and enforces mandatory access control techniques; manages a network security program, reporting all incidents promptly and providing corrective action to prevent further incidents; implements guidance to ensure the protection of Internet information, reduces the risks associated with automated processing of information and data, and trains all personnel in IT security awareness, as required.
Responsibilities: (Not listed in order of importance; other duties may be assigned) and must be able to perform the following with minimal guidance:
Work with system owners to close IAVMs/ICVMs and open Plan of Action and Milestones (POA&Ms) in a rapid fashion, in accordance with DoD instructions/directives. Review all POA&MS with the Program Manager on at least a quarterly basis and update the POA&Ms accordingly.
Provide Defense in Depth principles and technology in security engineering designs and implementation
Analyze existing and future systems, reviewing security architectures, and developing engineering solutions that integrate information security requirements to proactively manage information protection
Apply security risk assessment methodology to system development, including assessing and auditing network penetration testing, antivirus deployment, risk analysis
Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis
Plan, implement, and manage a Defense In Depth for the total network and/or enclaves within the network to include such items as: scanning, remediation, host and network intrusion detection/prevention, firewalls, proxy servers, web cache, virus programs, vulnerability scanning, content filtering, remote dial in protection, Host Based Security Services, Directory Services, and Certification and Accreditation, DoD Instruction 5200.40, accreditation guidance and advice IAW AR 25-2 and IA Best Business Practices (BBPs). Plan, respond, investigate, and report undisclosed classified incident remediatio
Requirements
Requirements:
Assess and mitigate system security threats/risks throughout the program life cycle
Validate system security requirements definition and analysis and review/approve System Security Plans for enterprise-wide architectures
Maintain Agency public key infrastructure system Implement security designs in hardware, software, data and procedures
Provide support for the Department of Defense (DoD) Public Key Infrastructure (PKI) service.
Responsible for requesting, receiving, installation, and accountability of system (server) PKI certificates and providing technical support for PKI.
Provide communications security (COMSEC) rekeying support within normal business hours or on-call, as required. Prepare and maintain secure communications devices and crypto keys. Provide Certification and Accreditation, as well as provide Automated Information System Accreditation support
Provide Security Risk Assessment. Perform risk analysis of resources, controls, vulnerabilities, impact of losing systems' capabilities and threats to the mission objective; provide analysis to facilitate decisions to implement security countermeasures or mitigate risk; implement countermeasures; periodically review program. Recognize possible threats and review evaluations for compliance and non-compliance.
Requirements/Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education / Experience / Certifications
Bachelor's Degree in Computer Science, Cybersecurity, Computer Engineering, or related discipline. Comparable experience in lieu of degree may be considered.
7 years of experience performing Information Assurance functions and using RMF IT security controls and policies preferred
Must possess and maintain an IT I level certification IAW AR 25-2 and IAT-II certification IAW DoD 8570.01-M
Knowledge:
A track record of progressively responsible information assurance experience in one or more of the following information security areas: certification and accreditation, IA system evaluations, system security penetration testing, and IA security operations/network monitoring, Intrusion Detection Systems, Intrusion Prevention Systems, Security Information Management/Security Event Management, network mapping, vulnerability scanners, firewalls, routers and other security tools
Candidate must have at least 3 years of experience in the IT industry, and be familiar with the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3 or 4, and 800-53A Revision 1.
Experience and basic knowledge of networking components and various operating systems in a cloud environment, including UNIX and Microsoft is a plus.
Expertise in other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements is a plus
Working knowledge of public key infrastructure and encryption systems
Experience working on an information security incident response team
Familiarity with Security Technical Implementation Guides (STIG) and system security processes.
Experience working in CMMI Level 3 (or higher) environments is a plus
Abilities:
Ability to organize, prioritize and meet deadlines
Capable of conveying complex information in a simplistic manner
Strong critical thinking and problem-solving skills
Strong self-starter requiring minimal supervision
Able to take proactive measures to prevent problems rather than reactive by nature
Strong verbal and written communication to effectively express concepts, plans, and proposals
Physical Requirements
Work may involve sitting or standing for extended periods of time. Position may require typing and reading from a computer screen. Must have sufficient mobility, including but not limited to bending, reaching, and kneeling to complete daily duties in a timely and efficient manner. May include lifting weight up to thirty (30) pounds as necessary.
A valid driver's license with a clean driving record may be required
Occasional use of company vehicle while on work site
Benefits
Medical, dental, vision, disability, and life insurance
Flexible Spending Accounts
401(k)
PTO
Tuition reimbursement
Paid federal holidays
Security Clearance
Position requires a DoD Secret security clearance.
Company Summary
Headquartered in Hawaii, KaiHonua, LLC is a Native Hawaiian Organization (NHO) owned SBA Small Disadvantaged Business specializing in global information technology and offering professional solutions in IT Design & Installation, Cybersecurity Engineering & Support, Application Integration & Development, Software & Hardware Engineering, Network & Systems Management, Information Systems Security, and Business Management Services.
Leveraging over 30 years of providing IT services to the federal & commercial market with projects located around the world, our team possesses innovative expertise in the development of a wide range of technology solutions. KaiHonua, LLC is an equal opportunity employer.
Our service commitment is simple - "Quality IT Solutions... On Time & On Budget."
KaiHonua, LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Position functions and qualifications may vary depending on business needs.
KaiHonua, LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics.
Posted Salary Range
USD $110,000.00 - USD $128,000.00 /Yr.
Salary : $110,000 - $128,000