Information Assurance Analyst - DOD Secret
Billet Description: Provider of technical expertise to protect unclassified, sensitive, or classified information stored, processed, accessed, or transmitted by REF Information Systems as directed by Army and DoD IA policies and guidance.
Billet Roles and Responsibilities:
• The contractor shall fulfill Information Assurance Security Officer responsibilities as designated in Army Regulation 25–2 “Information Assurance”.
• The contractor shall enforce Army IA policy, guidance, and training requirements per Army Regulation 25–2 “Information Assurance” and all other appropriate Army guidance.
• The contractor shall safeguard all Sensitive and/or Classified Data to include maintaining classification guidance for systems, providing classified handling, processing and discussion guidance and managing user credentials.
• The contractor shall manage and maintain REF network user credentials and review and approve all user access requests (verify DD2875, need-to-know, etc)
• The contractor shall develop and enforce a formal IA security and training program, including SOPs, user guides, training, Security Technical Implementation Guide compliance, etc.
• The contractor shall ensure implementation of Information Assurance Vulnerability Management dissemination, reporting, and compliance procedures for all REF IT systems.
• The contractor shall maintain current software licenses and ensure security related documentation is current and accessible to properly authorized individuals for all REF IT systems
• The contractor shall conduct security inspections, assessments, tests, and reviews for all REF IT systems.
• The contractor shall conduct semi-annual reviews of all REF IT systems and networks to ensure no security changes have been made to invalidate valid Authority to Operate statements.
• The contractor shall develop, test, and maintain Continuity of Operations Plan /disaster recovery plan for all REF IT systems.
• The contractor shall prepare Certification and Accreditation documentation, including security test results, for all REF IT Systems showing that they meet minimal risk acceptance standards. Submit the documentation to the REF Designated Approval Authority (DAA) for Authority to Operate statements.
• The contractor shall prepare documentation requesting Certificates of Net-worthiness for all REF IT Systems. Submit the documentation to NETCOM for approval.
• The contractor shall plan, prepare and execute Defense Information System Network connection approval requirements for DoD Service and Agency Information Systems. This work also includes Connection Compliance Assessment efforts, assessing the local subscriber environment information system and technology's security posture for compliance with policies and directives.
• The contractor shall maintain records (including use of IA tools) for all Information Systems Certification and Accreditation activities, Certificates of Not-worthiness and other related documentation.
• The contractor shall facilitate IA requirements between REF staff and other Army resources such as CIO G6, REF DAA and Information Assurance Program Manager, NETCOM, the Fort Belvoir NEC and the Fort Belvoir DOIM.
• The contractor shall work with REF personnel to understand requirements and translate those into fixes and additional capabilities.
• The contractor shall provide guidance and assist the REF IT Manager on IA process, tools, strategies and architecture to maximize relevant information availability and recommend changes as needed.
• The contractor shall analyze newly recommended technology for IA utility; recommend acceptance and integration as appropriate.
• The contractor shall provide asset management for all IA devices and systems.
• The contractor shall ensure all processes and procedures are clearly documented in SOP format for reference by the REF IT department.
• The contractor shall provide primary or secondary backup to the other members of the REF IT department.
Educational Requirements: Bachelor's degree from an accredited college or university in computer science, computer engineering, or information systems.
Experience Requirements: Five (5) years or more experience in similar positions for DA clients.
Other Requirements: This billet has been designated IAM Level II in accordance with DoD Directive 8570.1 As outlined in DoD 8570.01-M “Information Assurance Workforce Improvement Program”, a contractor must obtain the appropriate DoD-approved IA baseline certification prior to being engaged.
• Army Privileged User IA Responsibilities Certification
• Army Information Assurance Fundamentals Training
• Army Information Assurance Security Officer Certification
• Army Computing Environment/ Network Environment certification(s)
• DISA DVS VTC Certification
• Fulfill IAM Level II requirements as documented in DoD Directive 8570.1
• Fulfill IAT Level II requirements as documented in DoD Directive 8570.1
• The contractor has up to 6 months to obtain any other training that may be required in the future for this position.