Information Assurance Engineer Job Description
Information Assurance Engineer Duties & Responsibilities
To write an effective information assurance engineer job description, begin by listing detailed duties, responsibilities and expectations. We have included information assurance engineer job description templates that you can modify and use.
Sample responsibilities for this position include:
Information Assurance Engineer Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Assurance Engineer
List any licenses or certifications required by the position: CISSP, II, IAT, DOD, IA, IAM, CISM, ITIL, III, CE
Education for Information Assurance Engineer
Typically a job would require a certain level of education.
Employers hiring for the information assurance engineer job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Engineering, Technical, Education, Information Assurance, Science, Systems Engineering, Computer Engineering, Information Technology, Information Systems
Skills for Information Assurance Engineer
Desired skills for information assurance engineer include:
Desired experience for information assurance engineer includes:
Information Assurance Engineer Examples
Information Assurance Engineer Job Description
- Review all aspects of proposed system security plans to ensure the system is being developed in compliance with NGA security guidelines, agency policies, and Intelligence Community Directives
- The candidate will ensure that 100% of FACILITY users have completed CURRENT training requirements for Cyber Security, as defined in AR25-2.The candidate will use the Army Training and Certification Tracking System (ATCTS) to record IA training status of all FACILITY personnel
- Report security violations and incidents to the FACILITY Chief Information Officer (CIO) in accordance with regulations and policies
- Report security violations and incidents to the Chief, Medical Maintenance in accordance with regulations and policies
- Author and maintain accreditation documentation (System Security Plan, Privacy Plan, Access Control Plan, Vulnerability Management Plan)
- Perform software installation and conduct security scans of the installed software
- Test filters and rules within firewalls and IDSs by generating/crafting pseudo-malicious network traffic
- Ensure Security Controls Assessment (SCA) Testing is scheduled and completed on an annual basis and any findings are addresses in a POAM
- Maintain routine interface with the NGA A&A team (ISSO, SCA, and DAO) and keep them informed of any pending changes to the IT system baseline which may impact security
- Maintain routine interface with relevant Department of Defense (DoD) and Intelligence Community (IC) A&A teams which may impact security for the International Program
- DoD Directive 8570.1 IAM Level I or higher certification (CISSP preferred)
- Previous experience working in a SAP environment is desired
- Considered an emerging authority, who applies extensive technical expertise
- Ability to exercise considerable latitude in determining objectives and approaches to assignment
- Bachelor's (or equivalent) with 5 - 7 yrs of experience, or a Master's and 3 to 5 yrs of experience
- BS degree in Engineering, CS, Information Systems, Systems Engineering, or a related field preferred
Information Assurance Engineer Job Description
- Review and provide input on security related test procedures prior to readiness reviews
- Develop, maintain and track security plan documentation required for FISMA and accreditation events
- Support the customer’s product offices and Project Management Offices (PMO) in the development, maintenance, and tracking of security plans
- Coordinate responses to emergency requests and security bulletins
- Coordinate with the Integrated Program Team managers to ensure issues affecting the product overall security are addressed appropriately and seamlessly with system lifecycle processes
- Provide guidance to Information Assurance A&A process activities and related documentation such as systems concept of operations, system security design, implementation plans, and operational procedures
- Develop architecture deliverables, specific to information security implementations, for operational systems and systems under development
- Evaluate proposed system architectures and designs and provide input to meet required security compliance objectives
- Coordinates all certification and accreditation activities within scope of Program Director, IA PM, System IAM and Designated Approving Authorities (DAAs)
- DIACAP/RMF (DoDI 8510.01) package
- Experience with eMASS, HBSS, ACAS, SCAP Compliance Checker (SCC), DISA STIGs
- Active TS/SCI with FS Polygraph
- At least five years general technical experience
- A bachelor's degree (preferred) in computer sciences/engineering or related technical field and 9 years of experience in systems design, development, or support is required
- Must have Cross Domain Solution (CDS) experience or knowledge
- *Must be able to obtain a clearance of TS/SCI with Poly**
Information Assurance Engineer Job Description
- Deploy and maintain guards and gateways, , firewalls, intrusion detection systems to monitor, prevent, detect, respond, report, and correct the unauthorized release of unclassified and classified data
- Research, analyze, and report best-practices in IT security and privacy policies
- Provide input to IT Security report documentation
- Provide Information Management/Information Technology (IM/IT) services to support IM/IT management, IM/IT infrastructure sustainment, software application development and sustainment, communication networks, Information Assurance (IA) compliance and Help Desk services
- Complete all scorecard reporting requirements
- Maintain a repository for all systems Assessment and Authorization (A&A) documentation and modifications, version control, and management of GOTS, COTS, and non-developmental items (NDIs) for FACILITY
- Maintain baseline and computing environment certifications based on current Army Training best business practice
- Implement and maintain all locally required IA guidance, policies, procedures, and regulations
- Ensure that IA personnel are maintaining and auditing access and log data using approved and available tools
- The Team Lead will act as the communication channel between the government COR/TCOR and contract personnel within their section.The Team Lead will receive tasks from IMD management and assign these tasks to a member or members of the section.The Team Lead will provide weekly section status reports to IMD management.This section Team Lead will consult with other section Team Leads to solve problems
- Requires 5+ years of information systems security experience or related field ? Possess and maintain DoD 8570.01-M Information Assurance Technical Level II certification
- Must have Security+ ce and a Computer Environment (CE) certification (Server 2008, Server 2012, ) meeting 8570.01M requirements
- BS – Science, Technology, Engineering or Math (STEM) and 2 Years with BS
- Experience with Battlefield Airborne Communications Node (BACN)
- Software engineering experience/familiarity with (JAVA, C++), relational databases
- Working knowledge of Linux System Administration with hands-on experience
Information Assurance Engineer Job Description
- The administration and monitoring of various security tools, generating and interpreting reports from those tools, and providing status to internal and external customers
- Conducting investigations of security incidents providing protective and corrective measures in efforts to reduce incidents and risk
- Developing, testing, and deploying engineering solutions for security findings from government audits
- Implementing and executing software and security engineering practices in the System/Software Development Life Cycle (SDLC) Process
- Tracking trends within the Cyber Security landscape and proactively developing and deploying engineering solutions against emerging threats to the enterprise
- Conduct research in multiple areas, to include emerging technologies, vulnerability information, system hardening, operating systems, application software, and security tools
- Provide technical guidance focused on information security architecture
- Participate in the technical aspects of internal security audits and investigations
- Provide technical engineering services for the support of integrated security systems and solutions
- May provide security advice and guidance to less experienced staff
- Bachelor's (or equivalent) with 8 - 10 yrs of experience, or a Master's with 6 - 8 yrs of experience, related experience includes performing a wide variety of information assurance and information systems security engineering duties, to include the certification and accreditation of information systems using DIACAP (formerly DITSCAP), NIACAP, NIST SP 800-37, DCID 6/3 and JSIG RMF frameworks
- Active TOP SECRET security clearance or recently active TOP SECRET clearance within 24 months
- Experience with ArcSight, HBSS, Retina, Websense, Cyber forensics, Cloud computing, ICS/SCADA security, malware analysis, or commanding Cyber readiness inspections
- Experience with Fortify, Splunk, Nessus and RMF controls analysis
- Excellent communication (written and oral), negotiation and interpersonal skills necessary to support known ISSE activities/challenges working with engineering teams, management, customers, partners and government
- IAT II Level certification or higher
Information Assurance Engineer Job Description
- Lead assessment of management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls and gather compliance evidence (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system)
- Review system design documentation, advise development SMEs on what the security requirements are (IA controls, STIGs and IAVAs), and test the security requirements during system development in a sprint environment
- Develop verification methods for security requirements and controls, execute tests with security assessment tools, and prepare test reports (e.g., DISA SCAP SCC and ACAS NESSUS scans)
- Lead the preparation and production of a System Security Administrator and Operators Manual (SSAOM)
- Work with Assessment and Authorization (A&A) authorities within the customer and the IC to ensure IA measures are taken to meet mission objectives IAW applicable security policies and directives
- Ability to analyze and implementing security controls that are applicable depended on the type IS (Information System) in order to develop and execute certification test plans
- Use tools including Host Based Security System [HBSS], Assured Compliance Assessment Solution [ACAS], Vulnerability Remediation Asset Manager
- Review package documentation
- Provide test reports to the AFNIC of products & applications for certification and inclusion in the current Air Force Evaluated Products List
- Chandler, AZ
- Must have a DoD 8570 IAT Level I certified (A+, Security +, Network+, or SSCP)
- LTE protocol stack especially in areas of control and user plane (3GPP Rel
- Network and data threat analysis and penetration testing
- Data encryption including FIPS-197 (AES algorithm)
- ISC2 System Security Certified Practitioner (SSCP)
- TIA Security+