Information Assurance Analyst

Booz Allen Hamilton•Charleston, SC

About The Position

Information Assurance Analyst The Opportunity: Track efforts and perform tasks for A&A within Veterans Affairs (VA) to ensure assigned information systems, devices, and networks can obtain and maintain Authorization to Operate (ATO) and other decisions. Plan, coordinate, and lead teams to conduct assessments of information systems and networks to identify vulnerabilities, risks, and security requirements in accordance with the A&A process. Perform secondary responsibilities such as testing CCIs, validating Security Plans, weekly status updates, and extensive work in Enterprise Mission Assurance Support Service (eMASS) packages. Support Supplier Corrective Action Reports (SCARs), the Security Control Assessor (SCA), and other cybersecurity leadership in the execution and enforcement of cybersecurity and RMF processes.

Requirements

Knowledge of information security and assurance principles such as defense-in-depth and associated supporting technologies
Ability to work as an independent security practitioner and participate in a small team of security personnel reviewing the same system
Ability to organize, analyze, and write technical documents that can be understood by non-technical individuals
Ability to obtain a Secret clearance
HS diploma or GED

Nice To Haves

Experience with Prisma Cloud or Twistlock and containerization
Experience with VA cybersecurity
Experience performing Information Assurance (IA) controls analysis, testing, and risk assessments
Experience with Nessus, Nmap, Burpsuite, Linux security (RHEL7), and AWS cloud security
Experience using vulnerability scanning and assessment tools necessary to identify and document compliance
Knowledge of eMASS
Knowledge of NIST SP 800-53 and 800-37, CNSSI 1254, and other VA Risk Management policies
Ability to identify and evaluate major applications, infrastructure, enclaves, and Enterprise environments based on accreditation boundaries
Possession of excellent written and verbal communication skills

Responsibilities

Track efforts and perform tasks for A&A within Veterans Affairs (VA) to ensure assigned information systems, devices, and networks can obtain and maintain Authorization to Operate (ATO) and other decisions.
Plan, coordinate, and lead teams to conduct assessments of information systems and networks to identify vulnerabilities, risks, and security requirements in accordance with the A&A process.
Perform secondary responsibilities such as testing CCIs, validating Security Plans, weekly status updates, and extensive work in Enterprise Mission Assurance Support Service (eMASS) packages.
Support Supplier Corrective Action Reports (SCARs), the Security Control Assessor (SCA), and other cybersecurity leadership in the execution and enforcement of cybersecurity and RMF processes.