View Our Website View All Jobs

Security Analyst IA Engineer

Information Assurance Engineer / Security Analyst

The qualified applicant will be the Subject Matter Expert (SME). The IA Engineer / Security Analyst will perform a broad range of IA activities associated with maintaining and enhancing the security posture and maintaining the system's Authority to Operate.

  • Location:  Falls Church & Department of State (DOS)
  • Must have an active SECRET/DoD clearance
  • Must hold and maintain a qualifying IA certification such as: CISSP, CAP, CISM, Security+/CASP
  • Bachelor’s degree in computer science or equivalent field

Responsibilities:

  • Develop accreditation packages for applications hosted on Microsoft Azure Cloud and ServiceNow, both FedRAMP accredited Cloud Service Provider (CSP).
  • Identify, select, implement, assess RMF NIST 800-53 Rev 4 controls.
  • Work hand in hand with developers to configure the application (or justify/POA&Ms) for all CAT I/II/III vulnerabilities compliance.
  • Conduct ongoing monitoring of compliance with required IA controls and annual artifact updates
  • Ensure annual compliance through coordinating with IA/IRM and with designated ISSO/AISSO and Bureau Coordinator.
  • Work hand in hand with Cloud Computing Governance Board (CCGB) POC to provide all documentations and requirements necessary to be accepted by CCGB.
  • Assist developers on researching and implementing security functions through the CSP’s Management console.
  • Developing/maintaining security plans and supporting standard operating procedures as required to maintain the security posture and ensure compliance with required DoS IA controls
  • Actively supporting the system development life-cycle through participation in requirement, design, and other life-cycle milestone reviews to ensure security and IA interests are appropriately addressed and through active participation in change control processes
  • Assessing the security impact/risk of proposed changes to the system, software, or architecture to ensure the security posture is maintained as the system continues to evolve
  • Supporting security incident analysis, reporting, and response activities as well as conducting training and exercises related to incident response
  • Maintaining and implementing access control procedures, including approving account requests, performing periodic audits of existing accounts, and authorizing and monitoring access to data center facilities
  • Assisting in the identification of corrective actions for identified vulnerabilities; developing plans of actions and milestones (POA&Ms) and/or risk assessments for identified vulnerabilities, and working with the Operations team to track the execution of corrective actions and POA&M items to completion.

Basic Qualifications:

  • Must hold and maintain a qualifying IA certification such as: CISSP, CAP, CISM, Security+/CASP
  • Must have an understanding RMF requirements as well as commercial best practice for Cloud Computing
  • Must have experience or have working knowledge of working with FedRAMP packages
  • Must have quantifiable A&A experience with Cloud Service Provider (CSP) such as Microsoft, Amazon, Google, ServiceNow
  • Must have strong background in Information Assurance practices
  • Must have experience writing A&A documentations such as (but not limited to): System Security Plan (SSP), Contingency Plan (CP), Contingency Plan Test (CPT), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestone (POA&M), Privacy Impact Analysis (PIA), E-Authentication Risk Assessment (eRA), Controls Selection Tool (SCF)
  • Must have experience with XACTA
  • Must be willing to travel to DOS (HST) building downtown for a weekly meeting
  • Must be able to communicate and educate customer on RMF and/or IA processes
  • Excellent written and oral communication skills 

Company Overview:

Business Computers Management Consulting Group, LLC (BCMC) is an 8(a) Small Disadvantaged Business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We are appraised at CMMI Level 3 and ISO 9001:2008 certified and registered promising highest quality to all of our clients.

  • https://bcmcgroup.com/
  • https://www.linkedin.com/company/bcmc-llc
  • http://www.indeed.com/cmp/Bcmc
Read More

Apply for this position

Required*
Apply with Indeed
Attach resume as .pdf, .doc, or .docx (limit 2MB) or Paste resume

Paste your resume here or Attach resume file

To comply with government Equal Employment Opportunity / Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Gender
Race/Ethnicity
Veteran/Disability status