Information Assurance Specialist Job Description
Information Assurance Specialist Duties & Responsibilities
To write an effective information assurance specialist job description, begin by listing detailed duties, responsibilities and expectations. We have included information assurance specialist job description templates that you can modify and use.
Sample responsibilities for this position include:
Information Assurance Specialist Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Assurance Specialist
List any licenses or certifications required by the position: IAT, CISSP, II, III, IAM, IA, GSEC, SRR, DIACAP, ACAS
Education for Information Assurance Specialist
Typically a job would require a certain level of education.
Employers hiring for the information assurance specialist job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Engineering, Technical, Information Technology, Education, Information Systems, Computer Engineering, Supervision, Information Assurance, Mathematics.
Skills for Information Assurance Specialist
Desired skills for information assurance specialist include:
Desired experience for information assurance specialist includes:
Information Assurance Specialist Examples
Information Assurance Specialist Job Description
- Perform risk analyses of applications/networks
- Maintain knowledge of C&A and the full systems security life cycle and comprehend Federal Information Security Management Act (FISMA) requirements
- Provides work direction and guidance to other personnel
- Will work with complex system architectures
- Leverage Software Support Activity (SSA) services while working in conjunction with JPMs across the JPEO-CBD to facilitate risk management framework activities
- Investigate the intricacies of migrating JPEO-CBD applications to cloud computing environments, examining the vulnerabilities involved and developing methodology to mitigate such vulnerabilities
- Assist the Government to successfully implement Chemical, Biological, Radiological, and Nuclear (CBRN) capabilities within the various cloud environments
- Manage information-related risks in enterprise architectures, acquisition strategies, and testing and evaluation, and work to achieve cyber security Certification and Accreditation (C&A)
- Identify Critical Program Information (CPI) in terms of the importance to the program being developed
- Document each program’s overall cyber security approach and requirements, including determining the appropriate Certification and Accreditation (C&A) process, contributing content for Life Cycle Management Plans (LCMPs), assisting programs in the creation of a Security Classification Guide (SCG), and assisting in the development of Program Protection Plans (PPPs)
- Maintain current knowledge of Cybersecurity industry best practices and recommend system changes as necessary to keep the USSTRATCOM IT infrastructure current
- Prepare configuration updates or mitigation strategy and at the direction of the government, execute configuration updates as Cybersecurity threats are identified
- IC experience with agencies/element
- Bachelor's Degree in Computer Science, Computer Engineering, Information Technology, Cyber Engineering or a related discipline
- Minimum of 5 years of relevant experience [3 years if Master’s degree]
- Proficiency in scanning tools such as SourceFire, eEye Retina, or ACAS
Information Assurance Specialist Job Description
- Validate system compliance with essential information assurance and Computer Network Defense (CND) requirements, including DOD C&A policy guidance (e.g., 5200, 8500, 8100.3), and provide updates to program managers
- Investigate the intricacies of migrating RDECOM applications to cloud computing environments, examining the vulnerabilities involved and developing methodology to mitigate such vulnerabilities
- Examine RDECOM programs and system characteristics to develop strategies for compliance, when required
- Install, configure, and maintain computer and network security software, including instances of the Assured Compliance Assessment Solution (ACAS), the Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) Viewer, and other cyber security software test and scanning software applications
- Work independently with minimal direction
- Ability to assess the impact of computer and/or network system security vulnerabilities to the information assurance environment and develop mitigating solutions
- Develop and document IA processes for the DCGS-A brain supporting organization(s) as required
- Ability to assess current IA capabilities against future requirements and provide a strategy to close any capability gap
- Research IA regulatory compliance requirements and tools for IA requirements
- Provide recommendations and strategies for material and/or non-material solutions to improve the system and/or organizational IA posture
- Conduct vulnerability assessments on assets and review results to verify targeted assets (e.g., servers, workstations, network appliances) conform to security requirements
- Must command critical communications skills of listening, speaking, leading test discussions with executive managers and writing white papers focusing on the security risks of cloud architectures
- The prospective candidate must be a Certified Information System Security Professional (CISSP)
- Three years experience that indicates understanding of principles of multi level security solutions as employed in the context of DoD Joint Information Environment and the Defense Information Systems Network (DISN) network elements, and the role of those principles within the enterprise service architecture to achieve dissemination of releasable information from end to end which enables interoperability and IA within DoD networks
- Experience with the NISPOM (Chapter 8 familiarity with other Chapters), ODAA Process Manual and Baseline Technical Security Configuration Standards
- Experience with certifying compliance and auditing the security aspects of various operating systems (Windows, LINUX and UNIX)
- Chapter 8 (IS201.16)
Information Assurance Specialist Job Description
- Fulfill the requirements of the DoDD 8570.01-M, IA Workforce Improvement Program
- Provide training on use of the Government Auditing/Anomaly Threat Detection technology
- Receive automated user activity monitoring/audit data and alerts from sensors deployed on Navy’s classified and unclassified networks and conduct initial analysis response and feedback of audit data collected to monitor, detect and mitigate cyber and insider threats
- Provide tracking matrices to customer
- Perform analysis of audit data and alerts to identify anomalous/suspicious behavior and activities that presents security violations and potential threats to the network
- Coordinate with other departments to resolve audit alerts as required by standard operating procedures
- Assist in policy refinements based on event activities across the classified network
- Support customer team leads by engaging with other organizational elements (e.g., CI, Security, CND, IA) to remain aware of known Advanced Persistent Threats (APT), evolution of cyber security and insider threat technology and methodology, and other related focus areas that could impact operational mission objectives
- The contractor shall capture, document, develop and provide a Lessons Learned document for the
- Recommend solutions, to include cost estimates for technical and manpower resources, addressing items identified in the pilot and identifying a path forward to establish Initial Operating Capabilities (IOC) and potential deployment across the Naval Intelligence Enterprise
- NISP CA Process Walk-Thru (IS200.16/.06)
- Technical Implementation of C&A (IS310.16/.06)
- Risk Management Framework - RMF (CS100.CU)
- Experience with various information system security assessment/hardening tools – Nessus, Retina
- Thorough knowledge of Microsoft Windows 2000/2003/2007 Server, Microsoft Exchange Server 2003, Microsoft Windows XP/Vista operating systems (OS) administration and associated hardware
- Master’s degree coupled with ten years’ applicable experience
Information Assurance Specialist Job Description
- Serve as a subject matter expert, participating in meetings, working groups, system demonstrations, and conferences as needed
- Provide briefings and presentation materials, conference or meeting materials, technical memoranda, and administrative reports in support of this Task Order
- Provide the customer with a copy of all documentation developed in support of the task order
- Work with multiple organizations within the Navy responsible for systems control, integration, testing, security, and maintenance, appropriate privacy and legal authorities and external partners
- Assisting USSOCOM, its Component Commands, TSOCs, and deployed forces in the planning and execution of a Cybersecurity Training Program
- Developing a Cybersecurity Awareness Campaign which includes weekly news articles and Cybersecurity awareness aids distributed to SOF organizational Cybersecurity officers
- Assisting USSOCOM, its Component Commands, TSOCs, and deployed forces with the planning, implementation and execution of a Cybersecurity Exercise program
- Remain current on national vulnerability websites
- Understand security vulnerabilities for operating systems, application and web server, and database software
- Designing, developing, and maintaining DoDAF-compliant architecture computer models
- Intro to the NISP CA Process (IS100.16/.06)
- A bachelor’s degree and certifications with twelve years’ experience may be considered in lieu of master’s degree
- Master’s degree coupled with a minimum of ten years’ applicable experience
- Bachelor’s degree and certifications coupled with twelve years’ applicable experience may be considered in lieu of master’s degree
- Six years experience in Information Assurance
- Or 10+ years of relevant work experience
Information Assurance Specialist Job Description
- Responsible for preparing documentation such as Risk Assessment Reports (RARs) for the ISSM/CISO, System Security Plans (SSPs), Development of Plan of Action & Milestones (POA&Ms) to ensure compliance with Government and DC3 Cybersecurity policies and procedures
- Define the NGA Enterprise ICD 503, Intelligence Overlay C modernization and transition roadmap for Infrastructure Services, NGA’s Enable GEOINT competency
- Assess NGA contract baselines against ICD 503, Intelligence Overlay C and compartmented functional and security needs for Infrastructure Services, NGA’s Enable GEOINT competency
- Define and control requirements for NGA systems and services to resolve gaps against compartmented functional and security needs, specifically ICD 503 Intelligence Overlay C requirements for Infrastructure Services, NGA’s Enable GEOINT competency
- Must perform daily reviews of systems to ensure normal maintenance functions are performing properly execution of daily/weekly system health checks/checklists
- Will coordinate with vendors, DISA, and NAVSEA, component organizations for technology, capability, and policy issues
- Perform assessment of present levels of cyber security, define acceptable levels of risk, train all personnel in proper cyber hygiene and establish formal maintenance procedures
- Perform privacy impact assessments and provide PII data security and monitoring and migration strategies
- Identify potential vulnerabilities to cyber and
- Provide technologies for identification, modeling, and predictive analysis of cyber threats
- Knowledgeable of current Government Information Assurance and Cybersecurity policy, regulations and standards
- Bachelor’s Degree Computer Science, Systems Engineering, Cybersecurity, Information Technology or related area, or the equivalent combination of education, professional training, or work/military experience
- At least 8 years of related experience to include previous SOC Analyst experience at a federal agency
- Bachelor's Degree with 5 years specific work experience and 8 years general work experience, preferred
- Or a high school diploma with 7 years specific work experience and 12 years general work experience
- 3 years experience in conducting information system security assessments