DMI

  • Information Assurance Security Specialist

    Posted Date: 4 weeks ago (7/26/2018 8:07 PM)
    Job ID: 2018-15903
    Category: Infrastructure Support
    Location: US-MD-Fort Meade
  • About DMI

    DMI (Digital Management, LLC.), the world’s first end-to-end mobility company, combines all the skills and services necessary to deliver mobile enterprise solutions. Built to reinvent business through mobility, DMI has expertise in mobile strategy, UX, web, and app development, omni-channel commerce, brand and marketing, IoT and big data analytics, and secure device and app management. The company’s unique, integrated approach to mobility has resulted in dramatic growth as well as an expanding client base, which includes hundreds of Fortune 1000 commercial clients and all fifteen U.S. Federal Departments. DMI is headquartered in Bethesda, MD, with satellite offices around the world. The company was named one of the 2018 Top Workplaces in the Washington, DC area by The Washington Post and received Inc. Magazine’s Hire Power Award as one of the top 100 Private Job Creators in the US. Additional information is available at www.dminc.com and on LinkedIn, Twitter, Facebook, and Instagram.

    About the Opportunity

    DMI (Digital Management, LLC.) is looking for a full-time Information Assurance Security Specialist to support a Defense Information Systems Agency customer at DISA headquarters in Fort Meade, MD. The Information Assurance Officer will perform Information Assurance tasks for Government Off-the-Shelf (GOTS) and Commercial Off-the-Shelf (COTS) products for the Department of Defense and Mission Partner's Telecommunications and Infrastructure Network. Must be open to daytime shift work.

    Duties and Responsibilities:

    • Write customer-facing Designated Authorizing Official (AO) Risk Acceptances (ARA) documents and Directorate level Plan of Actions and Milestones (POA&M) documents to be accepted by the respective ID4 Branch Chief, Vice Director and AO. A high level of attention to detail is required when writing these documents, and our customers are very critical when it comes to all aspects of ARA and POA&M development.
    • Comply with the Information Assurance Vulnerability Management (IAVM) process, including but not limited to: performing Information Assurance Vulnerability Alert (IAVA) and Bulletin (IAVB) applicability analysis, and compiling and reporting on IAVA and IAVB testing, implementation, and compliance.
    • Ability to properly manage multiple customers' (GS-13 to SES) expectations through daily meetings with Government Program Managers in terms of product deliverables, scope of IA testing, and schedule milestones. Primary candidates should exhibit a confidence in IA that is unmatched and that our customers will not only respect, but will trust.
    • Ability to manage multiple (10+) systems at various stages of the DIACAP/RMF process while maintaining a pristine security posture within Continuous Monitoring and Risk Scoring (CMRS) and eMASS.
    • Develop customized IA processes and SOPs for capturing and managing the evaluation and IA assessment of products supported by DISA programs and ID4.
    • Deliver rapid turn-around for product IA validation through coordinated efforts with Government Project leads and Vendors.
    • Mentor junior, intermediate and senior members of the IA staff in the evaluation, assessment, and understanding of the security requirements of all associated DISA IA supported programs (e.g., POA&Ms, STIGs, C&A processes, etc.).
    • Define C&A content and write Concept of Operations (CONOPS), Tactics, Techniques and Procedures (TTPs), Security Policy and procedures documents (i.e., SSP), to include Continuity of Operations (COOP) or Contingency Plans.
    • Execute Security Test and Evaluations (ST&E) on Windows, Linux and Solaris operating systems hosting stand-alone and web applications, as well as various databases (e.g., MS SQL).
    • Analyze the results from DISA-approved security tools and provide recommendations based on vulnerability scan results. This is performed while taking into consideration the asset's functional environment and business impacts it could have for ID4 and the warfighters.
    • Perform system and asset hardening with additional scans to ensure no residual vulnerabilities are present.
    • Exhibit expert familiarity with Assured Compliance Assessment Solution (ACAS), McAfee Host Based Security System (HBSS), Enterprise Mission Assurance Support Service (eMASS), Continuous Monitoring and Risk Scoring (CMRS), and various other DISA related products.
    • Expert-level Security Readiness Review (SRR) experience, primarily with Windows, Linux, and database applications. This must be accompanied by formal DISA SRR training certificates. This will ensure the best suited candidate can perform security administration including periodic Security Readiness Review (SRR) and assist in the successful completion of SRRs with zero oversight.
    • Expert knowledge of DISA processes, procedures and culture.
    • In-depth understanding of the impacts of various Information Assurance (IA) issues throughout the System Development Life Cycle (SDLC) and the ability to properly articulate these in a professional, timely, and high-quality fashion.
    • Document and maintain system component IA baselines to support Change Management, Configuration Control, and Certification & Accreditation processes.
    • Provide assistance to the DISN OSS Certification and Accreditation Team in obtaining IA approvals and Authority to Operate (ATO) from the AO (previously the DAA).
    • Comply with and enforce Security Technical Implementation Guides (STIGs), DoD policies and procedures and Federal IA Guidance.
    • Ensure networks and systems being developed implement DoD baseline IA Controls.
    • Ensure networks and systems being developed are based on evaluated COTS and GOTS products per policy.
    • Enforce agreed-upon controls and mitigation strategies
    • Select, implement, and maintain access control software
    • Maintain existing security related documentation
    • Establish and protect storage and retrieval systems for classified and sensitive data
    • Manage system security services (authentication, access control, encryption, audit trails)
    • Assist in enforcing physical access restrictions to facilities housing system management resources and on-going operations
    • Control and monitor mechanisms that exist to protect selected resources, user information and security objects
    • Control access to encryption processes and to databases that are used for archiving and retrieving network and system management information
    • Protect the confidentiality, authenticity and integrity of network management data (access lists, routing tables, performance data, traffic flow analyses, audit data, accounting and billing data)
    • Generate reports of recorded security violations as they occur
    • Provide information assurance training, certification, and workforce management in accordance with DoD Directive 8570
    • Provide security awareness training, as needed

    Qualifications

    Education and Years of Experience:  

    • Bachelor's Degree in IT related field or equivalent experience
    • DOD 8570 Information Assurance Technical (IAT) Level II compliant  

    Required Skills/Certifications: 

     

    Desired Skills/Certifications: 

    • CISSP or related IA certification
    • Network+ certification

    Additional Requirement(s): 

    • Secret Clearance 

     

    Physical Requirement(s): No Physical requirement needed for this position.

    Location: DISA HQ - Fort Meade, MD  

     

    Working at DMI

    DMI is a diverse, prosperous and rewarding place to work. We provide our employees with competitive benefits, educational assistance, and career growth opportunities. Every employee is valued for their talents and contributions. We all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company.

    The company does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans, and to treat qualified individuals without discrimination on the basis of their physical or mental disability or veteran status. DMI is an Equal Opportunity Employer Minority/Female/Veterans/Disability.


    ***************** No Agencies Please *****************


    Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions. 
