• Information Assurance Security Specialist (IASS)

    Job Locations US-VA-Tysons Corner
    # of Openings
    1
    Category
    Information Technology
    Agency/Project
    Dept. of State
    Job ID
    2019-2830
  • Overview

    OBXtek Inc. is an established, award-winning, service disabled veteran owned business providing information technology and professional management services to the federal government. Our corporate growth has coincided with our investment in our employees as well as in outreach to our civilian and military community.

    Responsibilities

    OBXtek is staffing for an Information Assurance (IA) Security Specialist to work in our Tysons Corner Headquarters Office.

     

    The IASS tasks and responsibilities include:

     

    • *Working as an information system security subject matter expert (SME) on FISMA, NIST standards and guidelines, Privacy Act, HIPAA, E-Gov, OMB Circulars A-11 and A-130, and Clinger-Cohen as they apply to data and application security.
    • Responsible for Assessment and Authorization (A&A) activities for Consular Affairs / Consular Systems and Technology (CA/CST) automated information systems (AIS) and provides A&A support for domestic and oversea deployed systems.
    • Tracks and reports status, and brings any obstacles that may impact the completion of the A&A to the attention of the A&A Task Lead and the Program Manager (PM) in a timely manner. 
    • Ensures that A&A packages are submitted to IA and follows up to ensure IA approval of each phase of the A&A process prior to systems’ Authorized to Operate (ATO) expiration date.
    • Serves as the primary IASS lead for Visa, Passport, American Citizen Overseas or CA Support for # High, # Moderate, and # Low information systems and drives the overall A&A life-cycle process in accordance with the Department CA/CST System Development Life-Cycle (SDLC). IASS monitors the systems security posture via iPost.
    • Analyzes production system configuration change requests (CCR) of existing systems to determine security impact using the Planned Change Comparative Analysis (PCCA) process, and initiates required actions to maintain security posture and authorization status.
    • Conducts weekly or monthly meeting with Government Task Managers (GTMs) and developers. Schedules and facilitates boundary meeting, Phase I Kick-off (P1KO) meeting, Phase IV Kick-Off (P4KO) meeting, and attends Phase II Kick-off (P4KO) meeting and finding meetings.
    • Gathers required information to support system authorization by organizing technical working groups, conducting fact-finding interviews, attending system demo, assessing system security categorization (SCF) levels, establishing system security control baseline, acting as a security advisor to the GTM during the security controls implementation.
    • Develops and updates the following security application documentation:
    • Security Categorization Form (SCF)
    • E-Authentication Form (eRA)
    • System Security Plan (SSP) 
    • Supports the Contingency Plan (CP) SME and Privacy Impact Assessment (PIA) SME in the development of the following security application documentation:
    • Information System Contingency Plan (ISCP)
    • Privacy Impact Assessment (PIA) 
    • Complete data calls in a timely manner which include but not limited to Quarterly POA&Ms data call. Reviews, monitors and reports POA&Ms status to all parties including PM, ISSP GTM, System GTM and System Development Team, and System Operation Teams.
    • Provides guidance to System GTM and System developers as it related to the A&A process using both the National Institute of Standard and Technology (NIST) Special Publication (SP) 800 series and Department Foreign Affairs Manual (FAM) guidelines.
    • Assists and advises System GTMs and System developers in the design and development of secure systems architecture as well as industry best practices and information systems technologies available to meet AIS security requirements. 

     

    Qualifications

    Must have an Active Secret Clearance

     

    Requirements:

    A&A experience as it relates to cybersecurity, information assurance, or IT. 

     

    Recommended:

    Bachelor’s Degree in related field, 5 years experience,  CAP, CISSP or other IT and security-related certifications

     

    Company Information

    Headquartered in Tysons Corner, Virginia and founded in 2009, OBXtek is a fast-growing leader in the government contracting field. Our mission is Our People…Our Reputation. Our people are trained professionals who enhance our customers’ knowledge and innovation using technology, collaboration, and education.

     

    We offer a robust suite of benefits including comprehensive medical, dental and vision plans, Flexible Spending Accounts, matching 401K, paid time off, tuition reimbursement plans and much more.

     

    As a prime contractor for 93% of our current work, OBXtek pairs lessons learned across disciplines with industry standard quality practices such as CMMI-Dev Level III, ITIL, 6Sigma, PMI, and ISO. Our rapid growth has been recognized by INC500, the Washington Business Journal, and Washington Technology magazine.

     

    OBXtek is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, disability, veteran status, sexual orientation or any other classification protected by federal, state or local law. 

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed