NASK is seeking an Information Assurance Engineer in support of our contract programs and information technology systems.
- Leads the development of required program security documentation, tests plans and procedures.
- Generates or supports Information Assurance documentation for internal information technology systems and customer-facing projects.
- Devises security testing and evaluation procedures that implement security requirements and controls.
- Executes security scanning and the analysis of the scan results.
- Provides recommendations to remediate any security risks and threats across systems.
- Plans and executes project tasks for activities in continuous security lifecycle.
- Maintains the organization’s compliance documentation within customer tools.
- Coordinates with government stakeholders and customer security to maintain system accreditation, including vulnerability assessments.
- Collaborates with the Director of IT, Physical security officer and other security stakeholders.
- Bachelor’s of Science degree in a technical field is required or 3-5 years of equivalent experience.
- Proficient use and understanding of systems engineering concepts, principles, and theories
- Proficient understanding of cyber security specifications such as Risk Management Framework (RMF), DIACAP, STIGs and other government security guidelines
- Proficient knowledge of cyber security technology and trends
- Strong written and verbal communications skills
- Proficient ability in communicating issues, impacts, and corrective actions as they affect the cyber design and implementation
- Work across project teams
- Creative thinker, good multi-tasker
- Active TS//SCI with ability to submit to a polygraph as a condition of privileged access.
- Ability to maintain an active Top Secret // SCI with polygraph Clearance.
- CISSP or Associate of ISC2 is preferred
- Familiarity of CI/CD software development environments
- Familiarity with AWS infrastructure.
- Experience with government compliance applications such as OBMS and eMASS
- Understanding of STIGs/SRGs, SCAP and other DoD IA tools.
- Experience working with Intelligence Community Agencies (i.e. NRO, CIA, or NSA)
Normal demands associated with an office environment. Ability to work on computer for long periods of time in lab environments. Ability to communicate with individuals by telephone, email and face-to-face. Some domestic travel required.