Senior Information Assurance Analystat SMX(View all jobs) (https://www.smxtech.com/careers/)

Key West, Florida

SMX is seeking a Senior Information Assurance Analyst with a DoD Secret clearance to join our growing team in Key West, Florida!

The Senior Information Analyst will perform assessment and authorization coordination, advise and assists the client with Risk Management Framework (RMF) and develop a Plan of Action and Milestones for resolving network deficiencies. The duties of this task include assessing network compliance against controls listed in DODI 8500.2 and creating A&A packages. The end goal is to ensure the integrity of client systems by identifying and mitigating potential shortcomings and vulnerabilities.

Additionally, the Senior Information Assurance Analyst will perform security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool and liaise with network and system administrators to correct identified deficiencies and scan (or review scans) for new systems and applications being introduced into the DoD environment.

Essential Duties and Responsibilities

• Analyze, evaluate, and build an accreditation roadmap for new and existing AISR networks and systems

• Develop and maintain supporting documentation for new and existing networks, systems, and technologies

• Develop and review the A&A of AISR platforms, systems, services, devices, hardware, and software using the DoD & IC RMF to obtain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC)

• Provide DoD & IC RMF subject matter expertise and assist with the development and execution of the RMF program at USSOUTHCOM, and its Component Commands

• Maintain, track, and validate client connection approval packages

• Perform risk and vulnerability assessments of IT and IS for accreditation; prepare risk assessment reports for submission to the Security Controls Assessor/Certification Authority (SCA/CA) and Authorizing Official/Designated Accrediting Authority (AO/DAA) in accordance with policies, procedures, and regulations

• Assist USSOUTHCOM, and its Component Commands with the enforcement of A&A, as well as DoD connection standards for networks and systems

• Track and maintain A&A databases, web sites and tools to ensure that networks, systems, and devices are properly documented and managed from a security perspective

• Develop and maintain an Information Security Continuous Monitoring (ISCM) Plan.

• Coordinate with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to support the resolution of issues with security, A&A, connection approvals, and waiver requests

• Perform network security authorization, as well as the application and execution of policy, including project management support services

• Validate the patching of systems, perform validation scanning, develop Plans of Action & Milestone (POA&Ms), and report as directed by applicable policies, procedures, and regulations

• Provide subject matter expertise for COA development and the implementation of Cybersecurity mitigation strategies.

Knowledge, Skills & Abilities

• Required Clearance: Secret

• Ability to pass a TS/SCI investigation

• Experience with the US Combatant Commands is required

• DOD Information Assurance Management (IAM) Level 3 certification required within 6 months

• Navy Validator Information Assurance certification is desired

• DOD Information Assurance Technical (IAT) Level 2 certification required

• Working knowledge of the Defense Information Assurance Certification and Accreditation Process (DIACAP) and Risk Management Framework (RMF)

• Previous Information Systems Security Manager and Insider Threat experience is desired

• Knowledge of the Telos Xacta or eMASS system is desired.

• Must have excellent communications skill (written and oral) and interpersonal skills

• Knowledge and experience with DOD IA processes and policies (e.g., CJCSM 6510.01, Incident Response and other IA policies)

Required Education & Experience

• Bachelor’s Degree in computer or systems science discipline preferred

• Six (6) years of progressive, relevant experience or equivalent combination of education and experience

• Experience in lieu of degree will be considered

#cjpost #LI-TM1

At SMX®, we are a team of technical and domain experts dedicated to enabling your mission. From priority national security initiatives for the DoD to highly assured and compliant solutions for healthcare, we understand that digital transformation is key to your future success.

We share your vision for the future and strive to accelerate your impact on the world. We bring both cutting edge technology and an expansive view of what’s possible to every engagement. Our delivery model and unique approaches harness our deep technical and domain knowledge, providing forward-looking insights and practical solutions to power secure mission acceleration.

SMX is committed to hiring and retaining a diverse workforce. All qualified candidates will receive consideration for employment without regard to disability status, protected veteran status, race, color, age, religion, national origin, citizenship, marital status, sex, sexual orientation, gender identity or expression, pregnancy or genetic information. SMX is an Equal Opportunity/Affirmative Action employer including disability and veterans.

Selected applicant will be subject to a background investigation.