207 Business Park Dr., Ste. 100
VA Beach, VA 23462
Employee Type: Full-Time
Location: Suffolk, VA
Job Type: Information Assurance Analyst
Experience: 5+ Years
Clearance: Top Secret / SCI Eligible
AERMOR LLC is qualified candidates to provide technical and analytical support for FCC OCA in support of all OCA inspections. Candidates shall perform a wide variety of technical support services and functions required to meet the mission of FCC OCA to enhance overall DoDIN-N readiness and security.
- Identifying critical flaws in applications and systems that cyber attackers could exploit
- Conducting vulnerability assessments for networks, applications, and operating systems
- Conducting network security audits and scanning on a predetermined basis using automated tools (e.g. Security Content Automation Protocol (SCAP)) to pinpoint vulnerabilities and reduce time-consuming tasks
- Experienced with performing manual testing methods and procedures using STIGs, SRGs, and checklists
- Using automated or manual testing techniques and methods to gain a better understanding of the environment and reduce false negatives
- Validating report findings to reduce false positives
- Compiling and tracking vulnerabilities for metrics purposes
- Writing and presenting a comprehensive Vulnerability Assessment report
- Reviewing and defining requirements for information security solutions
- Adhere to established Navy / DoD policies and procedures
- Travel to commands/sites and/or remotely perform technical duties such as running vulnerability scans, reviewing command documentation/policies, uploading inspection results into data repositories and portals, providing summary of inspection findings, conducting root cause analysis, providing mitigation recommendations, and other tasks necessary to complete a cybersecurity assessment/inspection. Travel is required unless an approved remote inspection plan is authorized by the Government.
- Notify Government CE/VE Lead of pending issues affecting the completion or outcome of a cybersecurity inspection/assessment.
- Develop and provide inspection finding summary/detail information, finding impact information to include operational impact, finding analysis information, and other related inspection deliverables as identified by the government.
- Provide guidance/coaching to inspection site personnel as well as internally to other OCA personnel to increase awareness and understanding of inspection technical areas.
- Assist in researching trend data for vulnerabilities associated with individual technology areas to support cybersecurity inspections.
- Detail all findings in a written report while providing recommendations to mitigate prioritizing by risk using industry standards and best practices.
- Submit lessons learned if applicable to the inspection within a specified timeframe in accordance with the CCORI process.
Required Skills and Experience:
- A minimum of five (5) years of practical experience at a professional level in Information Assurance (IA)/ Information Operations (IO), cyber threat intelligence, defensive cyber operations (DCO) within the Department of Defense, U.S Navy, or other U.S. Government Agency.
- Additional experience shall include the following: (This requirement can be gained concurrently)
- Five years’ experience is required in managing complex projects or programs; experience managing administrative and technical support related to IA cybersecurity and Information Systems Security (INFOSEC) project subtasks.
- Demonstrate five (5) years of successful experience in supervision, planning, and leading multiple technical teams, performing complex tasks and assignments involving disciplines to include analysis and decision support; and shall have superior oral and written communication skills commensurate with a management role.
- Capability for preparation of reports and correspondence that are technically correct; the ability to coordinate schedules, identify and notify Government officials when funding requirements are needed to support relative assessment and inspection processes, and DoD IA/cybersecurity directives.
- Highly desirable to have experience in cybersecurity inspections and DoD networking management.
- Experience in two or more of the following areas:
- Performing IA controls analysis, risk assessment, contingency planning, Security Test and Evaluation (ST&E), and risk mitigation analysis.
- IA background in requirements analysis, design, development, and implementation.
- IA concepts and requirements development and analysis.
- IA planning and management.
- Bachelor’s degree in a related field, or equivalent education, experience, and related training
- DoD 8570.01-M IAM Level III certification
For more information contact: firstname.lastname@example.org
Information System Security Engineer