Information Assurance Security Specialist Resume Sample
Work Experience
- Participate in risk assessment during the ce1tification and accreditation process
- Experience with supporting, configuring, and administering a Red Hat Enterprise Linux (RHEL) operating system in an enterprise environment
- Experience with ACAS or Nessus
- Experience with virtualized environments, including vSphere or ESXI
- Experience with ACAS Security Center (SC) and Nessus Vulnerability Scanners (NVS)
- Experience with common Cybersecurity toolsets and processes, including STIGSs, CAS, IAVA Management and Implementation, and OPORD or FRAGO support
- U.S. Citizenship and ability to obtain an interim and a permanent U.S. DoD Secret Security Clearance is required
- Monitors trends in information technology and security that could have an impact on the security of the organization’s products, processes, infrastructure, or customers
- Experience in the Information Assurance field
- Experience in the Information Assurance and Security
- Perform or review technical security assessments of computing environments to identify points of vulnerability or non-compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies
- Design, develop, implement, or integrate IA and security systems and system components, including those for networking, computing, and enclave environments, such as those with multiple enclaves and differing data protection or classification requirements
- Contribute to security planning, assessment, risk analysis, risk management, and awareness activities for system and networking operations
- Serve as a subject matter expert for the assessment, design, and implementation of a variety of enterprise security prevention, detection, and response capabilities
- Maintain responsibility for a hands-on leadership role, including mentoring, training, and retaining staff with a wide range of skill sets and backgrounds
- Support security authorization activities in compliance with DHS 4300 B&C, CSS Information System Certification and Accreditation Process and DoD Information Assurance Risk Management Framework (DIARMF) process, the NIST Risk Management Framework (RMF) process, and prescribed CSS business processes for security engineering
- Integrate the Leidos FAST Methodology for VM Analysis, Reporting and Dash boarding
- Experience as an information systems security engineer (ISSE) in the fields of Disaster Recovery Testing and Incident Response
- Maintain operational security posture for the DHS information systems
- Support security assessment and authorization (A&A) activities in compliance with the NIST Risk Management Framework (RMF), DHS 4300B&C, ICD 503 and DCID 6/3
- Perform vulnerability/risk assessment analysis to support A&A and Security Test and Evaluations (ST&E)
- Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, A&A packages, Plan of Action and Milestones (POA&Ms), and System Requirements Traceability Matrices (SRTMs)
- Accept & Distribute Information Security Vulnerability Management (ISVM) alerts
- Perform Security Assessments, VM & Continuous Monitoring (CVE, CCE, CPE, HWAM, SWAM, CSM, VULN)
Education
Professional Skills
- Represents organization as prime technical contact on contracts and projects. Interacts with senior external personnel on significant technical matters often requiring coordination between organizations
- Provides technical solutions to a wide range of difficult problems. Solutions are imaginative, thorough, practicable and consistent with organization objectives
- Frequent inter-organizational and outside customer contacts. Represents organization in providing solutions to difficult technical issues associated with specific projects
- Prior experience in DHS and/or Government / SCIF Environment
- Prior experience with DHS and/or Government / SCIF Environment
- Prior experience with DHS and/or Government / SCIF Environment,
- Eight (8) years of progressive, relevant experience is required or equivalent combination of education and experience
How to write Information Assurance Security Specialist Resume
Information Assurance Security Specialist role is responsible for security, software, training, integration, database, auditing, telecommunications, wireless, architecture, reporting.
To write great resume for information assurance security specialist job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Information Assurance Security Specialist Resume
The section contact information is important in your information assurance security specialist resume. The recruiter has to be able to contact you ASAP if they like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Information Assurance Security Specialist Resume
The section work experience is an essential part of your information assurance security specialist resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous information assurance security specialist responsibilities. It's meant to present you as a wholesome candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular information assurance security specialist position you're applying to.
The work experience section should be the detailed summary of your latest 3 or 4 positions.
Representative Information Assurance Security Specialist resume experience can include:
- ITIL v3 Foundation certification Skills Security+, Information Assurance, Cyber Security
- Demonstrated Risk Management Framework (RMF) experience
- Ensuring Body of Evidence artifacts are accurate and complete for review
- Experience and working knowledge of DHS continuity of operations planning (coop), alerting, notification, and exercise testing procedures
- Experience configuring RA workstations specifically for PKI policy, including permissions and operating system event logs
- Understand the processes and guidelines for Certifying & Accrediting information systems based upon experience on a large-scale development program
Education on an Information Assurance Security Specialist Resume
Make sure to make education a priority on your information assurance security specialist resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your information assurance security specialist experience. For example, if you have a Ph.D in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Information Assurance Security Specialist Resume
When listing skills on your information assurance security specialist resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume, there's a list of typical information assurance security specialist skills:
- Experience: Five years of assessment and authorization experience
- Experience: Five years of Risk Management Framework experience
- Experience: Five years of cybersecurity and/or assessment & authorization analysis experience
- Experience with FIPS 199/200 and Security Awareness Training (to include different possible social engineering attacking techniques)
- Experience with performing vulnerability or risk analyses of computer systems and applications during all phases of the system development life cycle
- Experience with scripting, including NASL, Python, or BASH
List of Typical Experience For an Information Assurance Security Specialist Resume
Experience For Information Assurance / Security Specialist Resume
- Five (5) years of experience integrating, developing or deploying security products in enterprise level technology upgrades
- Experience auditing systems, databases, performing vulnerability assessments and compliance monitoring
- Experienced with providing FISMA Vulnerability and Compliance Scanning
- Experienced in assessing and maintaining a FIPS 199 High Category Federal system
- Experience in network monitoring using host-based and network-based detection systems
- Experience with conducting DoD network, system, or organizational Cyber readiness inspections
Experience For Information Assurance Security Specialist Senior Resume
- Linux engineering or Admin Experience
- Windows Engineering or Admin Experience
- Knowledge and experience with at least three of the five following criteria
- Experienced with FISMA A&A continuous monitoring
- Experienced with a working knowledge of SPLUNK
- Prior work supporting multiple server platforms, workstations, and networks is essential
- Experience dedicated to Information Assurance, Information Security, & C&A/A&A
- Identifying and defining system security requirements
Experience For Information Assurance Security Specialist Junior Resume
- Designing computer security architecture and developing detailed cyber security designs
- Working knowledge of computer hardware (PDA, desktop server), operating systems, applications and databases etc
- Networking / Firewall Access Control
- Operating system and network knowledge (i.e., Windows Server 2003/2008, Linux, Local Area Networks [LAN] and Wide Area Networks [WAN])
- Working knowledge of EMASS and EITDR
- Developing strategies to defend systems and networks from attacks
- Coordinating the creation of POA&M packages
- Administer TA training via web-based training and quarterly in-person instruction
Experience For Senior Information Assurance Security Specialist Resume
- Vulnerability scanning, auditing, assessment, and analysis
- Coordinate PKI and PK-enabling activities consistent with the policy established in DoDD 8500.01E
- Track TA training and contact information
- Participate as a contributing team member of the Patch and Vulnerability Management Group (PVG) and provide assistance to O&M and system administrators
- Engineers, Analyzes and plays a leading role in the maintenance of systems to protect data from unauthorized disclosure and/or modification
- Play a lead role in the Continuous Monitoring of Security Controls and Systems
Experience For Senior Information Assurance Security Specialist Expert Resume
- Continuously working with the System stakeholders and data custodians to ensure that the system
- Compile DOD cyber scorecard metrics, brief government personnel, and work with operation to correct deficiencies identified during the process
- Cybersecurity Training and Awareness
- Enterprise Cybersecurity planning, monthly collaboration sessions, and Annual Cybersecurity Workshops
- Application security, database security, and network security recovery and reconstitution testing
- Sound knowledge of NIST SP 800-34 - Contingency Planning Guide for Federal Information Systems
- Sound knowledge of NIST SP 800-61 - Computer Security Incident Handling Guide
- Utilization of automated scanning products such as: BigFix, Nessus, Retina, Core Impact
Experience For Information Assurance Security Specialist Resume
- Sound knowledge of risk management and assessment (both qualitative and quantitative) using NIST SP 800-30 and 800-39
- Basic understanding of security vulnerabilities
- Cyber security planning and implementation
- Assist DHS ISSO in the distribution and management of a multi-factor PKI solution that meets the DHS implementation guidance to satisfy HSPD12 requirements
- Assist DHS to establish and implement policy, assign responsibilities, and prescribe procedures for developing and implementing a HSDN-wide PKI and enhancing the security of DHS/DoD information systems by enabling these systems to use PKI for authentication, digital signatures, and encryption
- Coordinate with and support Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) Responders, a token tracking system, and infrastructure supporting them
- Track PKI token deployment throughout its lifecycle
- Provide TAs with expert technical support via telephone to walkthrough procedures
- Manage user identity tokens, to include managing the PKI registration authority, tracking secure token card stock location and status, providing secure token card stock to TA, tracking TA location, scope and contact information, directing users to a TA, and archiving reports of TA training completion
Experience For Information Assurance / Security Specialist Resume
- Provide services for issuing and managing user PKI certificates, operating PKI services, and troubleshooting them
- Perform data analytics, merging data from multiple sources for weekly reporting
- Provide support for certificate management software to include configuration, development of reports, support, and operation
- Manage user accounts and user access attributes and permissions
- Manage user access to applications and data sources
- Provide subject matter expert analysis of the RPS, CSP Certificate Policy, analysis of changes in technology and their impact upon CSP operations
- Provide subject-matter expert analysis to DHS working groups and integrated project teams representing HSDN Public Key Infrastructure (PKI), including the Sharing and Safeguarding IPT and Infrastructure Technology Project Monthly Review (ITPMR)
- Experience dedicated to Information Assurance, Information Security, PKI Management
Experience For Information Assurance Security Specialist Senior Resume
- Create and Manage POA&Ms
- Assists the ISSO/ISSM and works with test teams during assessment, and be able to analyze and understand the Security Assessment Report (SAR) and Vulnerability Assessment Report (VAR)
- Responsible for developing, updating and managing core security documents such as the System Security Plan (SSP), FIPS 199 & 200, Business Continuity Plan (BCP), Business Impact Analysis (BIA), Disaster Recovery Plan (DRP), Information System Contingency Plan (ISCP), Security Impact Analysis (SIA), Incident Response (IR) Plan, etc
- Work closely with the Systems Administrators and Network Engineers in ensuring that the system is running in compliance with the Acceptable Baseline Configuration
- Experience dedicated to Information Assurance, Information Security, & C&A/A&A
- Ensure that identified vulnerabilities are remediated in accordance with DHS 4300 directives and DHS SOC/CERT timelines
- Be involved with the annual PEN Test exercise and work directly with the PEN Testers and in-house IT staff
- Analyzes and recommends remediation’s and tracks progress until resolution or risk acceptance
- Functions as technical expert across multiple security domains
Experience For Information Assurance Security Specialist Junior Resume
- Contributes to deliverables and performance metrics
- Manage multiple systems at various stages of the DIACAP/RMF process while maintaining a pristine security postures within Continuous Monitoring and Risk Scoring (CMRS) and eMASS
- Develop customized IA processes and SOPs for capturing and managing the evaluation and IA assessment of products supported by DISA programs and ID64
- Analyze the results from DISA-approved security tools and provide recommendations based on vulnerability scan results. This is performed while taking into consideration the asset's functional environment and business impacts it could have for ID64 and the warfighters
- Expert on leading in all stages of system development and sustainment efforts, including requirements definition, design, architecture, testing, penetration scanning and support
- Participate in the configuration management process for security-relevant changes, collaborating with other cybersecurity specialists to address concerns, questions, and changes
- Provide support ensuring the records are up to date. The ISSO shall be responsible for updating the DoD Artifacts (DoD Architecture Framework Documentation)
- Guide efforts to gather and organize technical information about an organization's mission goals and needs, and existing security products
- Document and maintain the customer’s information system security documentation (System Security Plan [SSP], Plan of Action and Milestones [POA&M], using customer required tools and processes Risk Management Framework (RMF) including creating security plans, risk assessments, and security test and evaluations
Experience For Senior Information Assurance Security Specialist Resume
- Provide Continuous monitoring of information systems for compliance with required security controls and policies, including self-testing and associated test documentation of the security controls
- Understands and has subject matter expert experience working with RMF
- Experience in information systems security, preferably for a DoD customer (e.g., ISSO, ISSM)
- Confers with and advises subordinates on administrative policies and procedures and helps resolve technical problems, priorities, and methods
- Establish audit trails and ensuring their review
- Possesses or can quickly develop a comprehensive understanding of Government Information Security policies, regulations, and guidelines
List of Typical Skills For an Information Assurance Security Specialist Resume
Skills For Information Assurance / Security Specialist Resume
- Experience using eMASS and managing NIST SP 800-53 security controls
- Experience with recommending information assurance and security solutions to support the clients’ requirements
- Experience working with IT in the Department of Defence
- Experience as an information systems security engineer (ISSE) in the fields of Disaster Recovery Testing and Incident Response
- Experience working with NIST Special Publications or related publications and the C & A process methodology
- Experience working with IT in the Department of Defense
- Experience in IA environment
- RMF and eMASS experience required
Skills For Information Assurance Security Specialist Senior Resume
- Experience with mobile code, malicious code, and anti–virus software
- Eight or more years’ experience with virtual environment
- Eight or more years’ experience Windows server OR workstation administration
- Experience with DIACAP Certification & Accreditation (C&A) and Risk Management Framework (RMF)
- Experience with eMASS, DADMS, and DIPR DON
- Past A&A experience for DOD IT COTS product(s)
- Experience dedicated to Information Assurance, Information Security, & C&A/A&A
- Experience dedicated to Information Assurance, Information Security, PKI Management
Skills For Information Assurance Security Specialist Junior Resume
- Experience in all aspects of the RMF Assessment & Assessment process
- Experience in application vulnerability assessments
- Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is
- Provide Tier 2-3 level expertise for engineering Cybersecurity into SIE systems, including participation in planning meetings
- Provide POA&M for correcting or mitigating the weakness (as required) and track POA&Ms and provide status updates
Skills For Senior Information Assurance Security Specialist Resume
- Perform upgrade versions on the following HBSS point products
- Assist USASOC, Component Commands, and deployed forces with required scanning and vulnerability management programs
- Maintain records documenting compliance with federal laws, directives, policies and procedures and provide USASOC, its Component Commands, and deployed forces
- Coordinate with subordinate organizations for required reporting and compliance status. Track and report the status of POA&Ms through their completion
- Review and evaluate technology advances in the realm of Cybersecurity and provide analysis and technical recommendations regarding these advances
Skills For Senior Information Assurance Security Specialist Expert Resume
- Analyze and define security requirements for computer systems, including mainframes, workstations, and personal computers
- One or more technical certifications, including RHCSA or RHCE
- Knowledgeable in integrating security and risk management activities into SDLC
- Review vulnerability scan reports (e.g. HP Fortify, ACAS) to determine mitigation strategies and remediation steps based on the severity of the finding
- Work closely with client to ensure security requirements are being met in accordance with the contractual requirements
- Contacts are primarily with immediate work team and management. Occasional interaction with other sections or groups
- Provides solutions to a variety of technical problems of moderate scope and complexity. Exercises judgment within defined procedures and practices to determine appropriate action
- Perform Cybersecurity Compliance and Validations to include Cybersecurity site visits, inspections, scanning, remediation, patch compliance, and reviews
Skills For Information Assurance Security Specialist Resume
- Contributes to completion of milestones associated with specific projects
- Primarily internal company contacts. Infrequent interorganizational and outside customer contacts on routine matters
- Assess organizational security posture of USSOCOM’s Component Commands, TSOCs, and deployed forces and verify their compliance with DoD, DIA and USSOCOM guidance
- Assist Component Commands, TSOCs, and deployed forces with required scanning and vulnerability management programs
- Track and report to higher headquarters organizations (e.g., USCYBERCOM, DIA) compliance with applicable Cybersecurity regulations and directives
- Maintain records documenting compliance with federal laws, directives, policies and procedures and provide USSOCOM, its Component Commands, TSOCs, and deployed forces
Skills For Information Assurance / Security Specialist Resume
- Periodically review USSOCOM, Component Command, TSOC, and deployed forces’ Information Security Plans and Physical Security Plans and recommend measures to safeguard classified, sensitive, and unclassified information
- Identify common security risks by analyzing findings, developing metrics, and trends
- Assist Component Commands and deployed forces with required scanning and vulnerability management programs
- Maintain records documenting compliance with federal laws, directives, policies and procedures and provide NSW, its Component Commands, and deployed forces
- Assess organizational security posture of NSW, its Component Commands, and deployed forces and verify their compliance with DoD, DIA and USSOCOM guidance
- Periodically review NSW, its Component Command, and deployed forces’ Information Security Plans and Physical Security Plans and recommend measures to safeguard classified, sensitive, and unclassified information
- Provide on-site support for Cybersecurity assessments, compliance, and validation
- Assess organizational security posture of USASOC, its Component Commands, and deployed forces and verify their compliance with DoD, DIA and USSOCOM guidance
Skills For Information Assurance Security Specialist Senior Resume
- Validate the patching of systems, perform validation scanning using ACAS, develop Plans of Action & Milestone (POA&Ms), and report as directed by applicable policies, procedures, and regulations
- Track and report to higher headquarters organizations (e.g., USSOCOM, USCYBERCOM, DIA) compliance with applicable Cybersecurity regulations and directives
- Periodically review USASOC, Component Command, and deployed forces’ Information Security Plans and Physical Security Plans and recommend measures to safeguard classified, sensitive, and unclassified information
- Identify and document that physical security elements identified to support DoD networks, systems, services and devices are in compliance with security controls for access control
- Execute Cybersecurity self-inspection programs; track and report on compliance and completion
- Perform FISMA network and system security reviews
Skills For Information Assurance Security Specialist Junior Resume
- Perform and publish trend analyses of SIE Cybersecurity assessments, lessons learned, and recommended mitigation approaches
- Provide subject matter expertise for COA development and the implementation of Cybersecurity mitigation strategies
- Develop and implement required processes, procedures, and capabilities to mitigate vulnerabilities and weaknesses for software and hardware deployment
- Respond to Cybersecurity Requests for Information (RFIs) from external organizations and NetOps decision makers
- Assess organizational security posture of USSOCOM's Component Commands,TSOCs, and deployed forces and verify their compliance with DoD, DIA and USSOCOM guidance
- Periodically review USSOCOM, Component Command, TSOC, and deployed forces' Information Security Plans and Physical Security Plans and recommend measures to safeguard classified, sensitive, and unclassified information
Skills For Senior Information Assurance Security Specialist Resume
- Execute Information Assurance Vulnerability Management (IAVM) programs; track and report compliance with Information Assurance Vulnerability Alerts (IAVAs) and Information Assurance Vulnerability Bulletins (IAVBs)
- Provide subject matter expertise for COA development and the
- Implementation of Cybersecurity mitigation strategies
- Review, research and analyze enterprise logs for security related events
- Provide subject matter expertise and assist in the strategic planning and implementation of the Cybersecurity program at USSOCOM, its Component Commands, TSOCs, and deployed forces
- Develop and provide threat and risk analysis to the staff, leadership, and other designated personnel at USSOCOM, its Component Commands, TSOCs, and deployed forces
- Provide Cybersecurity subject matter expertise during meetings
List of Typical Responsibilities For an Information Assurance Security Specialist Resume
Responsibilities For Information Assurance / Security Specialist Resume
- Experienced with Host Based Security Systems (HBSS)
- Assisting Authorization Officials (AOs) in ensuring information system security risk is congruent with NGA's Risk Strategy
- Writing Risk Assessment Reports (RARs) for review by Government
- Providing recommendations for Authorization decisions
- Information security and assurance principles and associated supporting technologies
- Works well in a team environment and collaborate with others
- Analyzes and recommends remediation's and tracks progress until resolution or risk acceptance
Responsibilities For Information Assurance Security Specialist Senior Resume
- Evaluate, test, and assess information systems
- Ensure that proper decisions are made concerning levels of concern for confidentiality, integrity, and availability of the data, and the protection level for confidentiality for the system
- Report all security-related incidents to DCoE incident response coordinate
- Initiate protective and corrective measures when a security incident or vulnerability is discovered
- Develop and maintain an accreditation/certification support documentation packages
- Ensure hardware meets Information Assurance compliance and guidelines and prepare Equpment Status Report
- Conduct periodic reviews to ensure compliance with the accreditation/certification support documentation package
Responsibilities For Information Assurance Security Specialist Junior Resume
- Knowledge of procedures to review networks, systems and applications for Networthiness Certification
- Conduct ad-hoc, annual, quarterly, and weekly scans and prepare Project Status Report
- Assist in the detailed investigation and documentation of security incidents
- Monitor DoD security related communication tasking orders. These task orders can range in complexity from informational notices to requirements needing many months of effort to implement
- Update findings to proper status (Fixed, Open, Not a Finding, etc.) within eMASS or STIGViewer
- Designs and prepares technical reports and related documentation and makes charts and graphs to record results
- Develop an Information Assurance (IA) Test Plan for each release
Responsibilities For Senior Information Assurance Security Specialist Resume
- Provide an Information Assurance (IA) Test Reports
- Initiate protective or corrective measures when an IA incident or vulnerability is discovered
- Ensure that IA and IA-enabled software, hardware, and firmware comply with appropriate security configuration guidelines
- Ensure that DoD information system recovery processes are monitored and that IA features and procedures are properly restored
- Ensure that all DoD information system IA-related documentation is current and accessible to properly authorized individuals
- Implement and enforce all DoD information system IA policies and procedures, as defined by its security certification and accreditation documentation
- Generate Vulnerability Scan Compliance (VSC) Report as necessary
- Record Risk Acceptance (DRA) entries into eMASS or STIG Viewer
Responsibilities For Senior Information Assurance Security Specialist Expert Resume
- Develop and maintain an organization or DoD information system-level IA program that identifies IA architecture, IA requirements, IA objectives and policies; IA personnel; and IA processes and procedures
- Ensure that information ownership responsibilities are established for each DoD information system, to include accountability, access approvals, and special handling requirements
- Ensure the development and maintenance of IA certification documentation according to DoD Instruction 5200.40 (reference (n)) by reviewing and endorsing such documentation, and recommending action to the AO/AODR
- Ensure that compliance monitoring occurs, and review the results of such monitoring
- Review security control assessment procedures including the review and updating of STIG results
Responsibilities For Information Assurance Security Specialist Resume
- Ensure customers understand the latest processes affecting certification and accreditation of their systems
- Maintain a repository for all IA certification and accreditation documentation and modifications
- Ensure that IA inspections, tests, and reviews are coordinated
- Ensure that all IA management review items are tracked and reported
- Ensure that incidents are properly reported to the AO /AODR and the DoD reporting chain, as required, and that responses to IA-related alerts are coordinated Provide support with Financial Information Audit Readiness (FIAR) requirements
- Assist in the Continuous Monitoring Strategy of the IT system
Responsibilities For Information Assurance / Security Specialist Resume
- Assist Information System Security Manager with Financial Improvement and Audit Readiness (FIAR) inspections and document requests
- The ISSO shall adhere to all current IA and Cybersecurity regulations in the event that the aforementioned documentation is superseded or replaced
- The ISSO shall support the maintenance and sustainment of the Information Assurance
- The ISSO shall adhere to all relevant and current DoD, AF, and NIST regulations in the event that the aforementioned documentation is superseded or replaced
- Research and analyze system, network and current security policies, to provide recommendations to the AFNIC for use by customers to assess the proper system development course of action and identify/document risk management controls
- Guide the customers in their efforts to complete the assessment and authorization processes (formerly certification and accreditation) and attaining an authorization decision for their systems
Responsibilities For Information Assurance Security Specialist Senior Resume
- Evaluate system requirements, reviewing IA and functional specifications, products, applications and systems meet IA specifications
- Develop a Security Assessment Plan (SAP) for each release
- Implementation and guidance on all DoD information system IA policies and procedures, defined in NIST 800-53 and DoD 8510.01
- Record Plan of Action and Milestones (POA&M) entries into eMASS
- Develop and maintain system IA documentation supporting system Certification and Accreditation requirements. Maintain documentation in the DISA Enterprise Mission Assurance Support Services (EMASS) system
- Conduct IA related technical research and analysis necessary to provide recommendations to the system management team to assess possible system/configuration changes
- Perform reviews of system IA products (audit logs, ACAS reports, security assessments, etc) to ensure the system remains current and satisfies certification requirements with regards to IA related FRAGO, security scans, patches, STIGs, logging and security configurations
- Experience with RMF, ICD 503, NIST SP800-53 or DCID 6/3; knowledge of current authorization practices, particularly within the DoD
Responsibilities For Information Assurance Security Specialist Junior Resume
- Working independently with Information System Security Engineers and Information Systems Owners through the Risk Management Framework steps
- Perform technical engineering consultation and document reviews for customers with network support requirements using government-furnished criteria. Develop and deliver required routine technical documents, briefings, e-mail, and voice correspondence. Use of the Air Force developed criteria shall be mandatory for risk ratings
- Research best practices for implementing leading-edge, network-reliant technologies
- Configure and maintain security and network monitoring tools
- Assist operational engineering teams to evaluate risks and provide recommendation and implementation strategies to help mitigate weaknesses
- Responsible for all activities relating to information assurance procedures and systems
- Evaluate and document all FISMA controls and weaknesses
- Recent and relevant experience with Host Based Security Systems (HBSS) and DoD networking is highly desired. Requires in-depth knowledge TCP/IP communications and how common protocols and applications work at the network level and experience using network monitoring, analysis, troubleshooting, and configuration control technologies
Responsibilities For Senior Information Assurance Security Specialist Resume
- Update security relevant information utilizing Xacta
- Coordinate efforts between different teams for the achievement of compliance and/or compliance review
- Experience with security efforts related to modern Windows, Linux, UNIX, Cisco, SQL or Oracle databases, and virtual computing. This might also include some system administration work with an emphasis on security control implementation
- DoD 8570.1 / DoD 8140.01 certification IAM level II or III (ie. CAP, CASP, CISSP, or CISM) required
- Provide DoD & IC RMF subject matter expertise to AFSOC, its Component Commands, deployed forces and their delegates, including other Contractors, and assist with the development and execution of the RMF program at AFSOC, its Component Commands, and deployed forces
- Maintain, track, and validate DISN and DIA connection approval packages, including those from AFSOC, its Component Commands, and other subordinate organizations
- Assist AFSOC, its Component Commands, and deployed forces with the enforcement of A&A, as well as DoD, DIA, AFSOC, Component Command, and deployed forces’ connection standards for networks and systems
- Provide DoD & IC RMF subject matter expertise to USSOCOM, its Component Commands, TSOCs, deployed forces and their delegates, including other Contractors, and assist with the development and execution of the RMF program at USSOCOM, its Component Commands, TSOCs, and deployed forces
- Maintain, track, and validate DISN and DIA connection approval packages, including those from USSOCOM, its Component Commands, TSOCs, and other subordinate organizations