Sr. Information Assurance Engineer
A Sr. Information Assurance Engineer is required for a long-term contract position located in the Dedham, MA area.
- Active Secret Clearance
- 5+ years of experience in IA/Cybersecurity and network operations
- 5+ years of experience in performing risk assessment, IT audits, security planning, and systems accreditation work
- Experience complying with DoD IT regulations and developing security assessment documentation.
- Knowledge of domain structures, user authentication, data encryption, access audits and end-user security best practices.
- Experience with hardening Windows, UNIX/LINUX, IDS/IPS systems, and networking appliances.
- CISSP, CISM, GSLC, CASP
The Senior Information Assurance Engineer will be part of the Cybersecurity team, specializing in performing U.S. DoD Assessment and Authorization (A&A) activities.
- Implement security controls and supporting configurations to all customer IT system, hardware, and software components to satisfy compliance with the security controls identified within the Committee on National Security Systems Instructions (CNSSI) No 1253 Table D-1, Security Control Baselines.
- Know and participate in security compliance efforts that will be assessed and validated by the Government IAW DoDI 8510.01 and National Institute of Standards and Technology (NIST) 800.53, Revision 4, and NIST 800-53A, Revision 4.
- Apply an enterprise-wide set of disciplines for program planning, analysis, secure system architecture and design, integration, and security testing across major enterprise segments.
- Develop information assurance analytical methodologies, approaches, techniques, processes, procedures, and schedules development of sub- systems or small to medium sized systems.
- Experience in threat assessment, vulnerability analysis, risk assessment and system/network risk migration.
- Responsible for managing security implementation for developing and legacy systems/networks.
- Serves as an Information Assurance subject matter expert providing security engineering and integration support, administering, maintaining, and deploying various commercial security compliance solutions.
- Analyzes government and industry and market trends, assesses the impact of emerging security threats on the enterprise risk level, and recommends technology direction and/or adjustments for incorporation into customer mission and business plans.
- 14 months