Job Information
Serco Information Assurance Analyst - Navy in District Of Columbia
Position Description
If you love high profile and challenging cyber security projects supporting the US Navy- Serco has a great opportunity for you! This Information Assurance Analyst will liaison with the various Program Executive Office cyber staff, related to training system acquisition and Information Assurance (IA) accreditation.This position requires to work in the office at the Washington Navy Yard. Therefore, flexibility to a hybrid work schedule is allowed.
This position will assist with all actions required to ensure systems achieve and maintain Cyber security, Authorization and Accreditation (A&A) compliancy. Bring your expertise and collaborative skills to make an impact towards our military cyber security and safety of our sailors.
Serve in the capacity as a Cyber Security Subject Matter Expert (SME). Liaison with the various Program Executive Office cyber staff, related to training system acquisition and Information Assurance (IA) accreditation. This position will assist with all actions required to ensure systems achieve and maintain Authority to Operate (ATO). Involved in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments.
In this role you will:
Conduct Assessment & Authorization (A&A) and Certification and Accreditation (C&A) activities through RMF for Defense Business Systems, Research, Development, Test and Evaluation (RDT&E), and Platform Information Technology (PIT) Information Systems, and networks, for system registered within Navy Enterprise Mission Assurance Support Services (eMASS) or its successor, in accordance with current DoD, DON, and NAVSEA policies.
Conduct in-depth technical reviews of A&A and C&A documentation from NAVSEA Program Executive Offices (PEOs) and field activities seeking authorization and/or accreditation from the Navy Authorizing Official (NAO) or the Functional Authorizing Official (FAO) in accordance with appropriate policies and procedures.
Based on the technical reviews conducted, the contractor shall develop recommendations for correctives actions and/or courses of action.
This includes, but is not limited to, recommendations on the following: validation test procedures, validation artifacts, validation plans and procedures, compliance status, validation tests, and validation results/repots and supporting documentation.
Review, validation and corrective feedback reports in alignment with current and evolving governing risk compliance process, procedure, guidance, goverence and law.
Additional Responsibilities:
Assist Surface Warfare Training Systems (PMS 339), and liaison with SEA 21 and NAVSEA field activities in preparing their A&A and/or C&A documentation for submission to the NAO/FAO.
Performing all required and approved SCA Liaison RMF process steps, as outlined in the Navy Risk Management Framework (RMF) Process Guide v1.0.
Assessing approved technical and non-technical security features of a system or network to address known threats and vulnerabilities. The evaluation must consider and identify impacts as well as consideration of existing risk mitigation strategies.
Acting as an independent and impartial assessor to determine and certify aggregate cybersecurity risk for recommendation to the SCA.
Participating in RMF Checkpoints and providing initial concurrence on behalf of the SCA for the Security Assessment Plan (SAP), ensuring all appropriate security controls will be assessed for compliance.
Approving the Security Assessment Report with SCA concurrence.
Auditing RMF authorization packages.
Ensuring RMF packages are correctly entered in eMASS by the ISSM and ISSE in accordance with the eMASS User Guide.
Schedule and facilitate collaboration meetings between the Security Controls Assessor (SCA), NAVSEA Echelon II representatives, and appropriate program offices, Warfare Centers and Engineering Agents.
Assist in executing Cyber Security Assistance Visits at various NAVSEA activities with focus on the A&A and C&A efforts of the activity being assisted. Trips are usually 3 to 5 days in duration and estimated to occur 6 to 8 times per year.
Maintain the Department of Defense Information Technology Portfolio Repository – Department of the Navy (DITPR-DON) database, used to record the present status of all NAVY IT systems.
Assist the Cyber PM, Warfare centers and engineering agents in the implementation and execution of DOD and DON cyber directives and policy and directives and policies.
Provide reports as required such as, but not limited to, weekly metrics regarding A&A packages, risk metrics and data calls.
Qualifications
To be successful in this role, you must have:
An Active U.S. DoD Issued Secret Clearance
Bachelor’s degree in Information Assurance, Computer Science or a related field and 8 years of directly related experience.
Educational requirements may be adjusted or waived for applicable work experience and / or GLSC / CISSP or CISM certification
Fully Qualified Navy Validator (FQNV) certification with transition to Navy Qualified Validator (NQV) appointment under RMF.
IAT Level II certification or higher is required (i.e. Security +,GSEC.
CySA+, CCNA Security, SSCP, GISCP, CISSP, CISM, CAP, CISA, CCNP Security, or GSLC.
Proficiency with Navy Certification and Accreditation (C&A) processes is required.
Expert knowledge of Enterprise Mission Assurance Support Service (eMASS) and Risk Management Framework (RMF) and ability to assess security controls is required.
Understanding of the RMF risk assessment process, and Navy Testing Guidance to include proper mitigation strategies.
Ability to communicate effectively and clearly present technical approaches and findings.
Ability to apply technical expertise and may have knowledge of other related disciplines.
Ability to work effectively in a diverse work group.
Ability to travel 10%.
Experience with Navy systems and organizations is a plus.
If you are interested in supporting and working with our NAVSEA efforts, then submit your application now for immediate consideration. It only takes a few minutes and could change your career!
In compliance with state and local laws regarding pay transparency, the salary for this role is $ 117,229.97 to $ 195,383.28 ; however, Serco considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, and key skills.
Company Overview
Serco Inc. (Serco) is the Americas division of Serco Group, plc. In North America, Serco’s 9,000+ employees strive to make an impact every day across 100+ sites in the areas of Defense, Citizen Services, and Transportation. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state, provincial and local governments, and commercial clients. While your place may look a little different depending on your role, we know you will find yours here. Wherever you work and whatever you do, we invite you to discover your place in our world. Serco is a place you can count on and where you can make an impact because every contribution matters.
To review Serco benefits please visit: https://www.serco.com/na/careers/benefits-of-choosing-serco . If you require an accommodation with the application process please email: careers@serco-na.com or call the HR Service Desk at 800-628-6458, option 1. Please note, due to EEOC/OFCCP compliance, Serco is unable to accept resumes by email.
Candidates may be asked to present proof of identify during the selection process. If requested, this will require presentation of a government-issued I.D. (with photo) with name and address that match the information entered on the application. Serco will not take possession of or retain/store the information provided as proof of identity. For more information on how Serco uses your information, please see ourApplicant Privacy Policy and Notice (https://www.serco.com/na/privacy-policy) .
Serco does not accept unsolicited resumes through or from search firms or staffing agencies without being a contracted approved vendor. All unsolicited resumes will be considered the property of Serco and will not be obligated to pay a placement or contract fee. If you are interested in becoming an approved vendor at Serco, please email Agencies@serco-na.com .
Serco is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.
Click here to apply now (https://careers-sercous.icims.com/jobs/67054/information-assurance-analyst---navy/job?mode=apply&apply=yes&in_iframe=1&hashed=-1834477830)
New to Serco?
Join our Talent Community! (https://talent.serco-na.com/talentcommunity/signup)
ID 67054
Recruiting Location : Location US-DC-
Category Information Security/Cyber
Position Type Full-Time
Security Clearance Secret
Telework Yes - May Consider Occasional/Part Time Teleworking for this position
Serco
- Serco Jobs