INFORMATION SYSTEMS ARCHITECT MID
Location: Quantico, VA - MCSC - Lester St - Woodbridge Team
Clearance: TS/SCI
Education Level: High School Diploma or General Equivalency Diploma (GED)
Years of Experience: 5
Salary Range: 115,000 - 125,000
Required Certification:
- Must have a current DoD IAT Level II certification such as CompTIA Security+ certification.
- Must be able to obtain one additional certification such as CCNA, MCSA, MCSE, Linux+, VCP, or equivalent within 6 months of hire date.
Job Description
Assist the Government Lead in daily tasks to ensure all systems have current Authorizations to Operate (ATOs). Facilitate Assessment and Authorization (A&A) for Information Systems to ensure data availability, integrity, authentication, confidentiality, and non-repudiation. Through A&A review processes, ensure security measures are implemented for communication systems and networks, and provide guidance to ensure systems and personnel adhere to established security standards and Governmental requirements for security on these systems.
Develop and execute security policies, plans, and procedures. Initiate creation of A&A packages to support receipt of Authorizations to Operate (ATOs), collaborate with Engineers to gather required information for A&A packages, and update A&A packages as required. Perform lifecycle maintenance of A&A packages ensuring ATOs do not expire without proper updates.
Update Department of the Navy (DON) Application and Database Management System (DADMS) and Department of Defense Information Technology Portfolio Repository – Department of the Navy (DITPR-DON). Submit Ports and Protocols with all supplemental documentation to DISA for approval. Submit tickets to initiate action from Headquarters Marine Corps (HQMC) Command, Control, Communications, and Computers (C4) Cybersecurity Division (CY) for approval and ensure appropriate action is taken by designated points of contact.
Assist with validation of A&A packages as required by the Government. Review and provide input for Operational Plans of Action and Milestones (POA&Ms) for submission to Action Officers. Conduct vulnerability scans using Assured Compliance Assessment Solution (ACAS) and assist Engineers in documenting system vulnerabilities.
Perform vulnerability management using Tenable SecurityCenter, Nessus, RedSeal, BigFix, Security Content Automation Protocol (SCAP) Compliance Checker (SCC), HP Fortify, other automated tools, and manual inspection techniques. Document vulnerabilities in the RSA Archer eGRC system and report vulnerability statistics. Apply experience with the Department of Defense Information Assurance Program (DIACAP) and Risk Management Framework (RMF).
Responsibilities
- Assist the Government Lead with daily Assessment and Authorization (A&A) activities.
- Support lifecycle maintenance of A&A packages to ensure continuous Authorization to Operate (ATO) coverage.
- Develop, update, and maintain RMF and DIACAP documentation.
- Maintainaccuratesystem records in DADMS and DITPR-DON.
Physical Requirements
- May require lifting andmovingoffice supplies, furniture,equipmentand boxes weighing up to 25 lbs.
- May require the ability to work at multiple locations and travel nationally, as needed.
The above information in this description has been designed to indicate the general nature and level of work performed by an employee in this classification. It is not to be interpreted as a comprehensive inventory, or all duties, responsibilities, and qualifications of employees assigned to this job. Management has the right to add to, revise, or delete information in this description. Reasonable accommodation will be made to enable qualified individuals with disabilities to perform the essential functions of this position.
To apply, please email a cover letter and your resume to HR@uluhitech.com.