Information Assurance III

BryceTech

  • Aberdeen Proving Ground, MD
  • Permanent
  • Full-time
  • 21 days ago
  • Apply easily
Company DescriptionBryceTech has partnered with technology and R&D clients to deliver mission and business success since 2017. Bryce combines core competencies in analytics and engineering with domain expertise. Our teams help government agencies, Fortune 500 firms, and investors manage complex programs, develop IT tools, and forecast critical outcomes. We offer clients proprietary, research-based models that enable evidence-based decision-making. Bryce cultivates a culture of engagement and partnership with our clients. BryceTech is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.Job DescriptionBryceTech is currently looking for an Information Assurance III specialist. This position will be supporting Joint Program Executive Office for Chemical, Biological Radiological Nuclear Defense (JPEO CBRND) – Joint Project Lead Integration on the CBRN IS team. The CBRN IS team delivers and enables a rapidly scalable, cloud-based application providing timely, fused, and easily accessible CBRN Warning Reporting and Hazard Prediction capabilities to the Joint Warfighter and international partners. This role will protects and manage data integrity, confidentiality, and availability across systems.The Person in this role will:
  • examine JPEO- CBRND programs and system characteristics to determine whether compliance with DoDI 8500.01 is recommended or required and will develop an Acquisition Cybersecurity Strategy when required.
  • Ensure that each JPEO-CBRND program, when required, has a Cybersecurity Strategy that is consistent with DOD policies, standards, and architectures, to include relevant standards.
  • Assist in the identification of Critical Program Information (CPI) and Critical Technology in terms of their importance to the program being developed.
  • Assist in the identification of foreign collection threat to the program, identify elements that require classification, and determine the phases at which such classification should occur and the duration of such controls.
  • Provide support for Development Test (DT), User Demonstration (UD), User Feedback Event (UFE), Operational Assessment (OA), and Operational Test (OT) events and address each CPI as well as other relevant information requiring protection, including export-controlled information and sensitive but unclassified information.
  • Manage the Host-Based Security System (HBSS) and install, configure, and maintain computer and network security software, including instances of the Assured Compliance Assessment Solution (ACAS), the Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) Viewer, and other cybersecurity software test and scanning software applications.
  • Document programs’ overall cybersecurity approach and requirements, including determining the appropriate Certification and Accreditation (C&A) process, contributing content for Life Cycle Management Plans (LCMPs), assisting programs in the creation of a Security Classification Guide (SCG), and assisting in the development of Program Protection Plans (PPPs) Appendix E, the Cybersecurity Strategy.
  • Leverage IEW services while working in conjunction with JPMs/JPLs /across the JPEO-CBRND to facilitate risk management framework activities.
  • Ensure fielded information systems and networks are defended to maintain confidentiality, integrity, availability, authentication, and non-repudiation by identifying, developing, and applying risk management framework technical-, operational-, and management-related security controls and protection mechanisms.
  • Guide JPEO-CBRND programs in the development of Acquisition Cybersecurity Strategy.
  • Assist in the identification of Critical Technology and address CPI as well as other relevant information requiring protection, including export- controlled information and sensitive but unclassified information.
  • Directly interface with JPMs/JPLs customers, representing JPMs/JPLs in discussions concerning cybersecurity, including (but not limited to) topics which address use of the DISA STIG in the software application and system development process, use of the DISA Enterprise Mission Assurance Support Service (eMASS) tool to document program progress during the C&A process, and the Risk Management Framework and its critical alignment with a program's System Development Life Cycle (or Software Development Life Cycle, as appropriate.)
  • Leverage SSA services while working in conjunction with JPMs across the JPEO -CBRND to facilitate risk management framework activities.
  • May be required to travel up to 20% Continental United States (CONUS) and less than 10% Outside Continental United States (OCONUS).
  • Should be willing take the International Information Systems Security Certification Consortium (ISC) 2 ™ Certified Authorization Professional (CAP) Certification Prep Self Study (11 hours) during on-boarding
Qualifications
  • Have Risk Management Framework (RMF) Training.
  • Have an active Security+ certification
  • Possess three (3) years of experience providing information technology support services, including information assurance.
  • Possess organizational skills. In addition, the contractor shall possess senior level interpersonal and communication skills, both oral and written and proficiency with the Microsoft Office Suite.
  • Secret Clearance
Additional InformationBryceTech offers a full range of benefits, including competitive salary, a comprehensive health plan including dental and vision coverage, company-paid life & disability insurance policies, 401(k) plan with company match, and an educational reimbursement program.All your information will be kept confidential according to EEO guidelines.

BryceTech