Abacus Technology is seeking an Information Assurance Lead to provide technical support for the Air Force Research Laboratory (AFRL) Information Directorate. This is a full-time position.
Working Information Assurance Lead for Tier 3 Information Assurance management. Develop and complete System Security Documents in accordance with the RMF Process. Monitor policy for AFRL relating to the compliance, validation, and assessment of the network. Implement cyber security controls and assist customers with the implementation on cyber security controls where the cyber security controls fall outside of the contractor's area of responsibility. Continuously monitor for control compliance and take immediate actions to bring systems into compliance. Ensure that all application deliverables comply with the DISA Application Security & Development and Database STIG, which includes the need for source code scanning and a Web Penetration Test to mitigate vulnerabilities (including as examples, SQL injections, cross-site scripting, and buffer overflows). Perform the Information Assurance Vulnerability Management (IAVM) process by ensuring systems and networks maintain compliance with vulnerabilities. Track and analyze Plan of Action & Milestones (POA&Ms) reports to conduct risks assessments. Review current CCRI requirements and ensure systems and their operations are compliant.
5+ years' experience in information assurance. Must be IAT Level III (CISSP, CASP+ CE, CISA, GCED, GCIH, or CCNP Security) certified IAW AFMAN 17-1303.. Extensive experience with Risk Management Framework (RMF), STIGs, and cyber security controls. Experience working with Enterprise Mission Assurance Support Service (eMASS). Experience performing IAVA compliance audits using DISA tools such as SCAP. Experience performing vulnerability and risk assessment using DISA's Assured Compliance Assessment Solution (ACAS) suite or Nessus Security Scanner. Strong desktop application administration experience to include Microsoft Office, web browsers, and anti-virus applications. Must be detail oriented and possess the ability to work in a multi-disciplined environment with an adaptive personality. Excellent communication skills, both oral and written. Analytical skills to troubleshoot cyber security issues. Must be able to apply intensive and diverse knowledge to problems and make independent decisions. Must be a team player able to work professionally and collaboratively with the government customer and other contract members of the project team. Must be a US citizen and hold a current Secret clearance.
Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.