Information Assurance Manager

Location: Bethesda, MD
Date Posted: 12-25-2017
Our client is tasked to provide daily support for the Navy Bloodborne Infection Management Center (NBIMC) application and systems that supports clinical patient management through inpatient and outpatient care in the field, at hospitals, and branch clinic locations worldwide. NBIMC operates a system called HIV Management Service (HMS) that maintains interoperability with other medical systems. HMS is a certified and accredited distributed internet application with the database and database application residing on a central, dedicated network of servers providing client/server support to selected users.
 
RESPONSIBILITIES
  • Conduct Security Engineering, IA, and C&A of DoD and Federal Information Systems, which will include developing security requirements, data gathering and documenting system security plans, risk assessments, contingency plans, security test and evaluation plans, security concepts of operations.
  • Coordinate and perform technical and non-technical certification & accreditation assessments to evaluate compliance with established information assurance policies and regulations according to DoD, NSA, DISA, NIST and other IA related military/federal requirements.
  • Develop, review, and maintain security policies and standards on commonly deployed systems, such as MS Windows, UNIX/LINUX, routers, switches, firewalls, wireless bridges, wireless intrusion detection systems, databases, web servers and software applications.
  • Use knowledge of PKI principles to implement and provide guidance regarding PKI implementation including CAC based authentication.
  • Generate or Review RMF packages.
  • Provide IA and System Security expertise
  • Security Engineering guidance
  • Comprehensive vulnerability and threat analysis
  • Guidance on IA security solutions
  • Security assessments (onsite and vendor facility)
  • Analysis activity providing threat warnings, attack alerts and bulletins
  • Security engineering services that leverage government and commercial solutions
  • Review, at least annually, existing IA risk management processes to ensure compliance with DoN/DoD policy.
  • Ensure continuous review of current threats, vulnerabilities, technologies, and mission changes for impact on organizational risk posture.
  • Analysis and enhancements of the current Information Assurance Program.
  • Support the Security Test and Evaluation (ST&E)
  • Penetration Testing support
  • Validation of Communication Security (COMSEC) Compliance
  • System Management Analysis
  • Performs AISs and networks Evaluations and Audits.
  • Contingency Plan Evaluation and update
  • Risk Management Review and update
  • Provides support in the implementation of IA policies in accordance with Federal and DoD AIS security regulations, as well as creating policies based on the effectiveness of existing IA best practices and policies.
  • Communicates security related IA issues or items of interest affecting the NBIMC; and tests, verifies, and assures that adequate security controls exist within the IT systems supporting the NBIMC.
  • Provides support and assistance of the implementation of the Information Assurance Vulnerability Alert (IAVA) process within the NBIMC.
  • Perform vulnerability assessments, and provide results quarterly.
  • Provides guidance on IA responsibilities and procedures to HMS AIS users and external partners.
  • Use effective writing and verbal communication skills to advise management on security requirements and information assurance trends and solutions.
  • Manage multiple projects and deadlines.
  • Perform other assigned duties as required. 
REQUIRED EXPERIENCE
  • Extensive knowledge of the C&A process within the DHA framework and experience reviewing, advising, and processing RMF packages, to include experience with C&A package submission through eMASS
  • Ability to attain a Secret security clearance
  • Certified Information Sys Sec Prof (CISSP) designation
  • Qualified at the IAM Level III for the DoD Information Assurance Workforce, to include Security +
  • Knowledgeable of RMF and other risk assessment frameworks (e.g., NIST)
  • Capable of communicating, both orally and in writing, with a wide range of professional contacts
  • DoD Secret Required
  • 5- 6 years overall experience required.
  • 4 Year Degree Required 
 
 
 
 If you are interested in getting more information about this opportunity, please contact Irina Rozenberg
 irozenberg@arielpartners.com  at your earliest convenience.


At Ariel Partners, we solve the most difficult problems that inhibit technology from enabling our customers to achieve their goals. Our vision is to be recognized by our stakeholders as an elite provider of IT solutions, so when they have their biggest challenges we’re on their short list. We’re looking for team members who share our values of: Integrity to do the right thing even when it hurts; Commitment to the long term success and happiness of our customers, our people, and our partners; Courage to take on difficult challenges, accept new ideas, and accept incremental failure; and the constant pursuit of Excellence

Ariel Partners is an Equal Opportunity Employer in accordance with federal, state, and local laws.
or
this job portal is powered by CATS