|Title:||Information Assurance (IA) Engineer|
SBG Technology Solutions, Inc. (SBG) is growing and would like you to come join our team!
SBG, a service disabled veteran owned small business specializing in engineering, information technology, cyber-security, and training, is looking for a results-oriented Information Assurance (IA) Engineer. We are seeking a highly motivated individual looking to join our rapidly growing company. The ideal candidate for the Information Assurance (IA) Engineer would be an experienced individual who is hard-working, has the ability to excel in a fast-paced government contractor environment, and is someone who has a positive energetic attitude.
The Information Assurance (IA) Engineer will support a small IA team working with an existing development team to ensure that applications across the enterprise meet the requirements of DoD IA policy. The successful applicant will be familiar with DoDI 8500.2, Information Assurance Implementation, DoDI 8510.01, DoD Information Assurance Certification and Accreditation Process (DIACAP), and of DoDI 8520.02, Public Key Infrastructure (PKI) and Public Key (PK) Enabling.
- Provide Defense in Depth principles and technology in security engineering designs and implementation.
- Support the system administrator in implementing enterprise services such as: active directory, domain controller, enterprise patching, and policy deployment.
- Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis.
- Engineer and deploy network defense countermeasures such as anti-virus, anti-spam, and intrusion detection and prevention system solutions.
- Maintain Agency public key infrastructure system Implement security designs in hardware, software, data and procedures.
- Perform vulnerability assessments and penetration testing.
- Conduct certification and accreditation planning and testing.
- Identification and implementation of appropriate IA Baseline Controls.
- Planning and execution of the certification and accreditation process according to DoD Instruction 5200.40.
- Implement solutions by planning, training, and installing/configuring information systems while ensuring DIACAP Security Technical Implementation Guide compliance under Configuration Management process. Lead and conduct structured security certification and accreditation activities.
- Perform manual assessments in accordance with the latest DISA STIGs, with limited assistance on multiple Operating Systems to include but not limited to LINUX, Microsoft products, and various network components.
- Use DOD approved scanning tools to include but not limited to, NESSUS (ACAS), SCC SCAP security configuration scanner, STIG Viewer, and nMAP.
- Undertake risk assessments, documentation, development, oversight of security testing and evaluation.
Preferred Experience and Education:
- 5+ Years of progressive experience in related roles.
- CISSP, CISA, CISM, CAP, Security + certification required.
- Experience with DISA STIGS.
- Experience using STIG viewer, exporting scan results, uploading results to VMS.
- Experience developing and updating POAMs.
- Experience importing and updating IA 8500 control information within eMASS.
- Experience with DIACAP or RMF and National Industry Security Program Operating Manual (NISPOM).
- Must be experienced using Audit tools S-CAP tools, Retina, NESSUS, ACAS.
- Must have strong technical skills in a variety of the following areas; networking, system engineering, Windows OS platforms, Red Hat Enterprise Linux, database design/admin.
- DoD Experience.
We offer a very competitive benefits package, in a family-friendly environment.
SBG is an Equal Opportunity Employer M/F/D/V