• Information Assurance Security Specialist

    Posted Date 4 months ago (11/20/2018 7:06 AM)
    Job ID
    Infrastructure Support
  • About DMI

    DMI (Digital Management, LLC.), the world’s first end-to-end mobility company, combines all the skills and services necessary to deliver mobile enterprise solutions. Built to reinvent business through mobility, DMI has expertise in mobile strategy, UX, web, and app development, omni-channel commerce, brand and marketing, IoT and big data analytics, and secure device and app management. The company’s unique, integrated approach to mobility has resulted in dramatic growth as well as an expanding client base, which includes hundreds of Fortune 1000 commercial clients and all fifteen U.S. Federal Departments. DMI is headquartered in Bethesda, MD, with satellite offices around the world. The company was named one of the 2018 Top Workplaces in the Washington, DC area by The Washington Post and received Inc. Magazine’s Hire Power Award as one of the top 100 Private Job Creators in the US. Additional information is available at and on LinkedIn, Twitter, Facebook, and Instagram.

    About the Opportunity

    Digital Management, LLC (DMI) is seeking a full-time Information Assurance Security Specialist to support a Defense Information Systems Agency customer at DISA headquarters in Fort Meade, MD. The Information Assurance Officer will perform Information Assurance tasks for Government Off-the-Shelf (GOTS) and Commercial Off-the-Shelf (COTS) products for the Department of Defense and Mission Partner's Telecommunications and Infrastructure Network. Must be open to daytime shift work.


    Duties and Responsibilities:   

    • Write customer-facing Designated Authorizing Official (AO) Risk Acceptances (ARA) documents and Directorate-level Plan of Action and Milestones (POA&M) documents to be accepted by the respective ID64 Branch Chief, Vice Director and AO. A high level of attention to detail is required when writing these documents, and our customers are very critical when it comes to all aspects of ARA and POA&M development.
    • Comply with the Information Assurance Vulnerability Management (IAVM) process, including but not limited to: performing Information Assurance Vulnerability Alert (IAVA) and Bulletin (IAVB) applicability analysis, and compiling and reporting on IAVA and IAVB testing, implementation, and compliance.
    • Ability to properly manage multiple customers' expectations through daily meetings with Government Program Managers in terms of product deliverables, scope of IA testing, and schedule milestones. Primary candidates should exhibit a confidence in IA that is unmatched and that our customers will not only respect, but will trust.
    • Ability to manage multiple systems at various stages of the DIACAP/RMF process while maintaining a pristine security posture within Continuous Monitoring and Risk Scoring (CMRS) and eMASS.
    • Develop customized IA processes and SOPs for capturing and managing the evaluation and IA assessment of products supported by DISA programs and ID64.
    • Deliver rapid turn-around for product IA validation through coordinated efforts with Government Project leads and Vendors.
    • Mentor junior, intermediate and senior members of the IA staff in the evaluation, assessment, and understanding of the security requirements of all associated DISA IA supported programs (e.g., POA&Ms, STIGs, C&A processes, etc.).
    • Define C&A content and write Concept of Operations (CONOPS), Tactics, Techniques and Procedures (TTPs), Security Policy and procedures documents (i.e., SSP), to include Continuity of Operations (COOP) or Contingency Plans.
    • Execute Security Test and Evaluations (ST&E) on Windows, Linux and Solaris operating systems hosting stand-alone and web applications, as well as various databases (e.g., MS SQL).
    • Analyze the results from DISA-approved security tools and provide recommendations based on vulnerability scan results. This is performed while taking into consideration the asset's functional environment and business impacts it could have for ID64 and the warfighters.
    • Perform system and asset hardening with additional scans to ensure no residual vulnerabilities are present.
    • Exhibit expert familiarity with Assured Compliance Assessment Solution (ACAS), McAfee Host Based Security System (HBSS), Enterprise Mission Assurance Support Service (eMASS), Continuous Monitoring and Risk Scoring (CMRS), and various other DISA related products.
    • Expert-level Security Readiness Review (SRR) experience, primarily with Windows, Linux, and database applications, accompanied by formal DISA SRR training certificates. This will ensure the best-suited candidate can perform security administration, including periodic Security Readiness Reviews (SRRs), and assist in the successful completion of SRRs with zero oversight.
    • Knowledge of DISA processes, procedures and culture, such as: penetration testing; ports, protocols and services management; drafting technical documents and milestones; C&A and A&A accreditation management; eMASS artifact management; completing application and web Security Technical Implementation Guides (STIGs) for Enterprise applications and tools; auditing Enterprise applications and tools; DIACAP and RMF control compliance; drafting and tracking to completion Enterprise Plan of Action and Milestones (POA&M) for open application, DBMS, and web vulnerabilities; establishing mitigation strategies for OPORD, TASKORD, and FRAGOs; and maintaining Enterprise System Security Plans and Functional Architecture artifacts and documents.
    • In-depth understanding of the impacts of various Information Assurance (IA) issues throughout the System Development Life Cycle (SDLC) and the ability to properly articulate these in a professional, timely, and quality fashion.
    • Document and maintain system component IA baselines to support Change Management, Configuration Control, and Certification & Accreditation processes.
    • Provide assistance to the DISN OSS Certification and Accreditation Team in obtaining IA approvals and Authority to Operate (ATO) from the AO (previously the DAA).
    • Comply with and enforce Security Technical Implementation Guides (STIGs), DoD policies and procedures and Federal IA Guidance.
    • Ensure networks and systems being developed implement DoD baseline IA Controls.
    • Ensure networks and systems being developed are based on evaluated COTS and GOTS products per policy.
    • Enforce agreed-upon controls and mitigation strategies
    • Select, implement, and maintain access control software
    • Maintain existing security related documentation
    • Establish and protect storage and retrieval systems for classified and sensitive data
    • Expert in leading all stages of system development and sustainment efforts, including requirements definition, design, architecture, testing, penetration scanning and support.



    Education and Years of Experience: 

    • Bachelor's Degree in IT related field or equivalent experience
    • DOD 8570 Information Assurance Technical (IAT) Level II compliant

    Desired Skills/Certifications:

    • CISSP or related IA certification
    • Network+ certification

    Additional Requirements:

    • Secret Clearance

    Physical Requirement(s): N/A

    Min. Citizenship Status Required: US Citizen


    Location: DISA - Montgomery, AL



    Working at DMI

    DMI is a diverse, prosperous and rewarding place to work. Being part of the DMI family means we care about your wellbeing. As such, we offer a variety of perks and benefits that help meet various interests and needs, while still having the opportunity to work directly with a number of our award-winning, Fortune 1000 clients. The following categories make up your DMI wellbeing:

    • Community – Blood drives, volunteering opportunities, Holiday parties, summer picnics, Tech Chef, Octoberfest just to name a few ways DMI comes together as a community
    • Convenience/Concierge - Virtual visits through health insurance, pet insurance, commuter benefits, discount tickets for movies, travel and many other items to provide convenience
    • Development – Annual Performance management, continuing education and tuition assistance, internal job opportunities along with career enrichment and advancement to help each employee with their professional and personal development
    • Financial – Generous 401k match for both pre-tax and post-tax (ROTH) contributions along with financial wellness education, EAP, Life Insurance and Disability help provide financial stability for each DMI employee
    • Recognition – Great achievements do not go unnoticed by DMI through Annual Awards ceremony, service anniversaries, peer-to-peer acknowledgement through Give-A-Wow, employee referral bonuses.
    • Wellness – Healthcare benefits, Wellness programs, Flu Shots, Biometric screenings, on-site lactation rooms provide employees with several wellness options


    Employees are valued for their talents and contributions. We all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company.

    The company does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans, and to treat qualified individuals without discrimination on the basis of their physical or mental disability or veteran status. DMI is an Equal Opportunity Employer Minority/Female/Veterans/Disability.


    ***************** No Agencies Please *****************

    Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.



