Senior Information Assurance Engineer

Overview

GovCIO is currently hiring for Senior Information Assurance Engineer to support our client’s SA&A contract needs. This position is located in the Fairfax, VA area and will be a fully remote position with some intermittent onsite work.

Responsibilities

• Provide Information Assurance support to Government client. Support the development of security documentation including System Security Plans (SSP) and Security Controls in accordance with NIST publications and the Risk Management Framework leading to system Authorization to Operate (ATO).
• Work with system owners to address POA&M and continual system security evaluation processes and finding. 
• Interface with internal and external agency security personnel to establish and maintain Interagency Security Agreements (ISAs).
• Track system interconnection security documentation in support of the System Owner. There are roughly 175+ interconnections requiring memorandum of agreement (MOU) and interconnection security agreement (ISA) documentation. Responsible for ensuring all interconnections are covered by appropriate and up-to-date ISA documentation by initiating and developing ISAs for all new connections or connections requiring ISA renewals. 
• Will work closely with the internal Federal Customers and External Agency ISA Coordinators to assist with the coordination and approval of ISA documentation.
• Provide technical expertise to the design, development of Case Processing applications that will implement required information security policies and procedures.
• Devise and conduct risk assessment programs to identify areas of potential vulnerability for all applications within this agency’s application suite.
• Interpret and evaluate proposed legislation and broad-based policies concerning information technology.
• Assesses potential impact on existing program requirements working with Case Processing System Analysts.
• Evaluate the feasibility of implementing new developments to enhance systems security and reliability and Analyze findings and develop long-range plans to minimize risks, mitigate vulnerabilities, prevent security incidents, and insure systems reliability across supported systems.
• Develops, recommends, and implements approved security contingency plans, incident response plans, and disaster recovery procedures for the Case Processing applications.
• Coordinates with network security and application teams in determining Intrusion Detection Systems/Intrusion Protection Systems (IDS/IPS), Firewall, Security Proxy, Email Security, and Vulnerability Scanning Solutions that will be used with Case Processing.
• Work with Information Security Specialists, Network Support personnel, System Administration personnel and others to access system security posture and remediate vulnerabilities 

Qualifications

Bachelor's with 8+ years (or commensurate experience)

Required Skills and Experience

• Must have 5+ years …