Information System Security Specialist - Virginia Beach, VA

at  Auria

Auria is looking for an Information System Security Specialist to support Naval Surface Warfare Center (NSWC) Dahlgren and Dam Neck (DNA) divisions to address security of naval warfare systems. The NSWC Dahlgren and DNA divisions provide research, development, Test & Evaluation (T&E), analysis, systems engineering, integration, and certification of complex naval warfare systems. NSWCDD-DNA is located in a major fleet concentration area, which enables it to leverage its’ unique laboratories and facilities for readiness and training systems. NSWCDD-DNA’s work is focused on providing engineering, acquisition, logistical, and Cyber Security support to the Navy, Marine Corp, Special Warfare Coalition, and Joint Forces. The Information System Security Specialist will conduct Risk Management Framework (RMF) activities and will be familiar will all steps in the A&A process. This is an onsite position.
This is an onsite position that is FUNDED and an IMMEDIATE start. Significant annual retention bonus also offered.
Salary Range: $85,000 - $90,000 DOE

REQUIREMENTS:

• Secret clearance
• Associate Degree OR one of the following certifications (CAP, CASP+, Security+, SSCP)
• Shall have a minimum of five (5) years’ experience in performing Risk Management Framework (RMF) activities.
• Shall have demonstrated experience with performing STIG assessments to include using SCAP benchmarks.
• Shall have demonstrated experience performing vulnerability assessments with the Assured Compliance Assessment Solution (ACAS) tool.
• Shall have demonstrated experience using eMASS.
• Shall have experience in developing Plans of Actions and Milestones (POA&M) entries.
• Shall have experience in completing Risk Management Framework Step 5 authorizations in the Information System Security Engineer (ISSE) capacity.
• Shall have demonstrated experience in communicating risk reduction recommendations to stakeholders.
  Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At La Jolla Logic, we are dedicated to building a diverse, inclusive, and authentic workplace. If you’re excited about this role, but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.

• Provide support for RMF activities to include selection, implementation, and assessment of security controls.
• Review Government documentation to determine the system configuration, and missing documentation in order to assist with the creation of RMF artifacts delivered in eMASS.
• Document all identified controls on its respective category in the security plan on the A&A reporting tool and RMF POA&M.
• Evaluate if security controls are implemented consistent with DoD and DoD Component IA architectures and standards, employing system and software engineering methodologies, security engineering principles, and secure coding techniques.
• Prepare the RMF POA&M based on the vulnerabilities identified during the security control assessment.
• Assist the DoD component with monitoring and tracking the overall execution of system-level RMF POA&Ms across the entire component until identified security vulnerabilities have been remediated and the RMF documentation is appropriately adjusted.
• Assemble the security authorization package and assist the Government in submitting the package to the AO for adjudication.
• Continuously monitor the system or information environment for security relevant events and configuration changes that negatively affect securityposture and update RMF artifacts as required.
• Periodically assess the quality of security controls implementation against performance indicators, such as security incidents, feedback from external inspection agencies, exercises, and operational evaluations.