Philadelphia, PA
Posted 11 months ago

Work Status:  Full-Time

Location:  Philadelphia, PA

Security Clearance:  Secret

Requisition Number:  CU-IAC-II-001

Job Summary:

The Information Assurance Compliance II will support efforts to integrate new technology with IT security standards, technical writing, governance, and policy development/ management required to develop, evaluate Information Assurance Assessment and Authorization (A&A) for servers and systems, and validation for systems.

Responsibilities:

  • Provide DoD Information Assurance Certification & Accreditation Process (DIACAP) and Risk Management Framework (RMF) services.
  • Perform validation of A&A packages and artifacts; implementation of security postures.
  • Follow the most current applicable documents including: DON RMF Process Guide, DoD Instruction 8510.01, and the business rules of cognizant review offices for each package.
  • Perform A&A Validation including their associated validation test procedures; associated validation artifact; validation plan and procedures; compliance status; validation tests; validation results/report and supporting documentation.
  • Validate the confidentiality, integrity, and availability of systems, networks, and data in accordance with information systems programs, policies, procedures and goals.
  • Develop procedures to ensure information systems reliability and accessibility; prevent and defend against unauthorized systems, network and data.
  • Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks protection needs; conduct systems security evaluation, audits, and reviews; determine the residual risk of a package based on content and assessment results and documenting for the Security Controls Assessor’s (SCA) and higher-level review.
  • Conduct systems security reviews, audits, or evaluations, as appropriate, to ensure accreditation documents are accurate in the current risk posture of the system.
  • Interpret and implement local information security and higher-level policies and procedures to ensure networks and information systems are reliable, accessible and protected against unauthorized access.

Requirements:

  • Five years of practical experience in a cybersecurity or assessment and authorization (A&A) related field. Experience should include implementing and/or reviewing RMF and A&A lifecycle documentation in accordance with DON, DoD, NIST SP-800-37, and SP-800-53 Rev 4 policies; ensuring/validating the confidentiality, integrity, and availability of systems, networks, and information; and conducting risk and vulnerability reviews and assessments to ensure accreditation procedures were followed, and documenting non-compliance.
  • CAP, GSLC, Security+ CE.
  • Bachelor’s degree in computer science, information technology, or an equivalent technical degree from an accredited college or university.

Apply Online

A valid email address is required.
A valid phone number is required.

ODME is a Federal contractor and an Equal Opportunity Employer. ODME is subject to Executive Order 11246, which requires government contractors to take affirmative action to ensure that equal opportunity is provided in all aspects of their employment. In addition, we are subject to Vietnam Era Veterans’ Readjustment Assistance Act of 1974, as amended by the Jobs for Veterans Act of 2002, 38 U.S.C. 4212 (VEVRAA), which requires Government contractors to take affirmative action to employ and advance in employment protected veterans. In order to comply with these laws, ODME invites applicants to voluntarily self-identify their gender, race/ethnicity and protected veteran status. ODME does not discriminate on the basis of race, religion, color, sex, sexual orientation, gender identity, age, protected veteran status, non-disqualifying physical or mental disability, national origin, genetic information, or any other basis covered by appropriate law.  All employment is decided on the basis of qualifications, merit, and business need.

Submission of this information is voluntary and refusal to provide it will not subject you to any adverse treatment. The information obtained will be kept confidential and may only be used in accordance with the provisions of applicable laws, executive orders, and regulations, including those that require the information to be summarized and reported to the federal government for civil rights enforcement. When reported, data will not identify any specific individual.

ODME invites any applicant and/or employee to review the Company’s written Affirmative Action Policy (Link)