Skip to content

Information Assurance Security Specialist

In this position, you are an Information Assurance Security Specialist (IASS) responsible for providing security-related support services to a portfolio of existing operational systems of varying sizes and complexity.  Your primary responsibility is to help ensure the program office, system owners and engineering staff are responsive to the agency’s security related inquires, comply with policies and security controls, and maintain security authorization artifacts.  You will act as a liaison to communicate and provide timely/accurate responses to federal and agency security related data calls (e.g., FISMA reporting, assets with known vulnerabilities) to include interpreting changes to policies, standards, and procedures.  In addition, you will provide expertise and guidance to implement applicable security controls throughout the system development lifecycle.  You will work in a customer-facing role in a dynamic team environment with multiple touchpoints interfacing with many stakeholders.

Essential Functions:

  • Analyze and interpret agency security requirements to communicate to non-security savvy personnel
  • Work closely with the program management office, system owners and engineering staff to provide guidance on whether security policies, standards and procedures are properly implemented
  • Analyze new or updated security policies and data calls, collaborate with stakeholders, and develop responses that are clear and accurate
  • Support the review/update of security authorization artifacts such as System Characterization Documents, System Security Plans, System Contingency Plans, Privacy Threshold Analysis, and others as needed
  • Interpret security risk assessment, review security scan results, assess security vulnerabilities and support the development/tracking of Plan of Action and Milestones (POA&Ms) mitigation and/or risk acceptance
  • Support the development and modification of implementation and design documents describing how security features are implemented
  • Work with engineering personnel to document remediation actions for system vulnerabilities
  • Collaborate with the system maintainer to support continuous monitoring efforts

Must Have Qualifications:

  • 5 years of relevant experience with bachelor’s degree in relevant field or 3 years of relevant experience with master’s degree in relevant field
  • Must hold one of the following certifications: CISSP or CASP+
  • Proficient using Microsoft Office Professional applications
  • Proficient using Microsoft Windows and Linux operating systems
  • Familiarity with such tools such as Tenable’s Nessus and/or Security Center, Network Mapper (NMAP), App DetectivePro, HP Web Inspect, or similar applications
  • Experience working with databases, networks, hardware, firewalls, cross-domain solutions, and encryption in a cyber-security role
  • Thorough knowledge of NIST 800 Special Publications, Federal Information Processing Standards (FIPS) and other significant federal regulations
  • Strong background and extensive experience with Risk Management Framework (RMF)
  • Experience in creating and maintaining minimum security configuration baselines for Windows and Linux platforms, networking equipment, and custom applications (i.e., Minimum Benchmarks: CIS, STIGS)
  • Must be familiar with and have previous experience with the security authorization process including the review of system security documentation, i.e., system boundary definition, systems security plan, configuration management plan, contingency plan, and security agreements (e.g., MOUs, ISAs), etc
  • Experience evaluating systems, assessing system risks and security findings, and recommending mitigation and remediation actions
  • Knowledge of electronics theory, IT, telecommunications, and supervisory control systems including cryptography, vulnerability assessment, and exploitation techniques
  • Knowledge and experience with requirements risk management, security engineering, and security architecture
  • Excellent interpersonal skills, including the ability to work on multi-functional teams

Desired Qualifications:

  • Experience using NIST SP 800-60 Guide for Mapping IT Systems
  • Experience using NIST SP 800-160 Systems Security Engineering
  • Project Management Professional (PMP) Certification
  • Certified Information Systems Auditor (CISA) Certification
  • Knowledge of basic development principles
  • Knowledge of Network Infrastructure and Server Administration
  • Proficiency using CSAM (Cyber Security Assessment Management) tool

Clearance:

  • Must be a U.S. Citizen and pass a background investigation for Public Trust/FAA Suitability
  • Must be willing to undergo a background investigation

Work Location:

  • Primary work location is in Fairfax, VA (currently 100% remote during the pandemic)
  • Ability to travel to customer facilities as needed

Competitive Benefits:

  • Medical, Dental & Vision coverage
  • Life Insurance
  • Short, Long Term Disability Insurance
  • PTO & Federal Holidays Off
  • 401(k) Plan
  • Flexible work schedule and location (Telework during the pandemic)
  • Access to state-of-the-art gymnasium (at TechTrend HQ)
  • Premium coffee bar (at TechTrend HQ)

About TechTrend

TechTrend, Inc. is a veteran-friendly small business providing expert solutions, products, and services to the federal government.  Founded in 2003, we continue to evolve with capabilities in cybersecurity, cloud managed services, cloud migration, and application development.  We are a Microsoft Gold Partner and leading provider of Azure cloud services.  TechTrend is recognized as a trusted partner delivering knowledge and guidance for our client’s most critical and complex support and service needs.  As a liaison for positive organizational change, we form relationships and build bridges while ensuring quality across functions—gaining buy-in from both leaders and end-users and removing barriers to mission success.  Our established processes ensure quality delivery of results by maximizing efficiency, productivity, and client satisfaction enterprise wide.  TechTrend is a fast-growing company with a dynamic, inclusive corporate culture headquartered in a state-of-the-art facility near the well-known Fairfax Mosaic District.

Join the TechTrend Talent Pool

We are always on the lookout for professionals who want to bring their experience, demonstrated talent, and vision to TechTrend. Is that you? If so, send a message to our hiring coordinator using the form below. If your skills are a good fit for our business strategy, we’ll be in touch.

TechTrend Job Application

TechTrend does not discriminate on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status, in any of its activities or operations. These activities include, but are not limited to, hiring and firing of staff, selection of vendors, and provision of services.

We are committed to providing an inclusive and welcoming environment for all members of our staff, subcontractors, vendors, and clients. We will not discriminate in employment, recruitment, advertisements for employment, compensation, termination, promotion, and other conditions of employment against any employee or job applicant on the basis of race, color, gender, national origin, age, religion, creed, disability, veteran’s status, sexual orientation, gender identity, or gender expression.