Published: Sep 3, 2025 - The Information Assurance Specialist is responsible for creating, recovering, and revoking PKI credentials while implementing enterprise-wide security standards and conducting PKI-related training. This role performs system architecture analysis to define, develop, and integrate tailored security solutions across both commercial and specialized platforms. The specialist also conducts vulnerability assessments, resolves security violations, and supports the development of policies to ensure all information systems remain secure and operational.

Tips for Information Assurance Specialist Skills and Responsibilities on a Resume
1. Information Assurance Specialist, System High Corporation, Colorado Springs, CO
Job Summary:
- Perform SCAP and ACAS scans and analyze results for remediation and reporting
- Support network profile maintenance in VRAM
- Collaborate with system administrators and the service desk to track vulnerability remediation or mitigation
- Support tracking of Security Technical Implementation Guidelines (STIGS) implementation
- Perform quarterly delta and full annual STIG reviews in collaboration with system administrators
- Support IA requirements in a Windows 10 and Red Hat Enterprise Linux environment
- Supporting centralized antivirus, system patching, configuration management, vulnerability scanning, and mitigation to meet security compliance requirements
- Provide regular reporting on system(s) health
- Performing server/workstation installations and technology refresh as they relate to IA requirements
- Support Risk Management Framework documentation
Skills on Resume:
- Vulnerability Analysis (Hard Skills)
- STIG Compliance (Hard Skills)
- System Patching (Hard Skills)
- Risk Documentation (Hard Skills)
- Antivirus Management (Hard Skills)
- Tech Refresh (Hard Skills)
- Linux Administration (Hard Skills)
- Collaboration (Soft Skills)
2. Information Assurance Specialist, Cambridge International Systems Inc, Norfolk, VA
Job Summary:
- Take ownership of any unresolved security matters and coordinate the resolution with the relevant stakeholders
- Provide advice on security policy and technical solutions
- Ensuring secure solution delivery to major system procurements and Agile programs
- Develop and review new security architectures that mitigate the risks
- Understanding the likelihood and potential business impacts of information risks throughout the information system lifecycle
- Work as a team member on complex IT projects, focusing on information security and ensuring compliance with corporate policy and designated FISMA/NIST security levels
- Interacting with internal Information Technology Services, Information Security, and Operational Staff to perform security duties, addressing routine information security matters
- Create and maintain documents for C&A packages, monitoring and enforcing security SOPs/Policies and other duties
- Assist ISSO in performing periodic audits on IT practices to confirm SOP/Policy compliance in the area of information security
- Work with external security vendors to verify services are delivered as expected, SOPs/policies are adhered to, and security incidents are properly reported, acted on, and documented
- Develop Information Security SOPs/Processes and Working Procedures/Manuals
- Coordinate and document the resolution of security audit findings and POA&M items
- Research and suggest new security technologies, practices, and policies that will enhance the information security posture of the organization
Skills on Resume:
- Security Coordination (Soft Skills)
- Policy Advising (Soft Skills)
- Risk Assessment (Hard Skills)
- Architecture Design (Hard Skills)
- Audit Support (Hard Skills)
- Compliance Monitoring (Hard Skills)
- Vendor Management (Soft Skills)
- Team Collaboration (Soft Skills)
3. Information Assurance Specialist, CyberBalance LLC, Washington, DC
Job Summary:
- Support the customer in ensuring all technical security measures are enhanced and developed
- Ensure successful and timely system accreditations and re-accreditations
- Provide a central point of contact for all technical security matters and concerns, supporting project teams and businesses throughout project lifecycles
- Responsibility for developing, implementing and conducting formal and regular technical risk assessments of the customer’s IS environments, recommending remedial action
- Work collaboratively with technical project delivery squads
- Ensure proposed solutions provide the level of security assurance in line with data processing requirements and customer risk appetites
- Ensure that technical requirements for the customer's assurance activities are delivered in the functional area in line with risk appetite
- Perform vulnerability/risk analysis of classified and unclassified computer systems through ACAS scanning and applications, recommending and implementing approved solutions
- Coordinate with the organization's security officers to develop and implement information assurance/security standards and procedures
- Develop and present information system security education and tracking through ATCTS
- Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands
- Develop and maintain general IT security policies and Standard Operating Procedures (SOPs)
- Process Enterprise System Authorization Access Request (SAAR) in collaboration with System Security Officers (ISSOs) for the JRTC Tactical Classified Enterprise Network
- Support Information System Security Officers (ISSOs) in updating the System Plans, Contingency Plans, Plan of Actions and Milestones (POA&M), audit preparation, audit action plans, and eventual submissions
Skills on Resume:
- Risk Assessment (Hard Skills)
- System Accreditation (Hard Skills)
- Security Assurance (Hard Skills)
- Policy Development (Hard Skills)
- Team Collaboration (Soft Skills)
- Vulnerability Analysis (Hard Skills)
- Security Education (Soft Skills)
- Access Management (Hard Skills)
4. Information Assurance Specialist, By Light Professional IT Services LLC, Vienna, VA
Job Summary:
- Manage information security compliance according to information security standards based on the Statement of Applicability for the enterprise Injazat
- Responsible for periodic, timely review and analysis of security systems and sub-systems to determine compliance with defined policies, processes, procedures, with alignment to the ISO 27001 standard
- Maintain and protect the confidentiality, integrity and availability (CIA) quotient by evaluating people, process, tools and technologies
- Conducts risk assessments and gap assessments to identify Injazat's security posture and maintain evidence of compliance
- Review technical documents, proposals, and other materials for accuracy, consistency, and quality control, utilizing state-of-the-art technology in comparison to information security controls
- Provides input during the design, configuration, development, and implementation of information security architecture
- Contributes to maintaining and updating Injazat’s consolidated compliance catalogue for all applicable standards and frameworks, like ISO and local regulations like Mubadala, SIA, ADSIC and NCEMA
- Maintains and implements the information security awareness program
- Ensures the continuous update and refresh of the information security policy handbook and its applicability at the client Injazat and Injazat services
- Perform Periodic risk assessment as per the Injazat Risk Management framework for the Injazat enterprise and clients
- Perform periodic business user and privilege user access reviews as per policy requirements
Skills on Resume:
- Compliance Management (Hard Skills)
- Risk Assessment (Hard Skills)
- ISO Standards (Hard Skills)
- Access Reviews (Hard Skills)
- Policy Updates (Hard Skills)
- Security Awareness (Soft Skills)
- Document Review (Hard Skills)
- CIA Evaluation (Hard Skills)
5. Information Assurance Specialist, Reliance Test & Technology LLC, Eglin AFB, FL
Job Summary:
- Implement and maintain an information and asset register baseline across departments as per the data management framework and regulatory requirements
- Perform all activities related to ISO 27001, Mubadala IS Framework and SIA, Information Assurance standard compliance
- Evaluates the effectiveness, strengths, weaknesses, opportunities, and threats of existing information security systems and implements the necessary controls
- Mitigate security incidents per urgency and impact with corrective and preventive actions
- Successfully manage the yearly certification and surveillance audits by training all the Business units as part of audit readiness and evidence management
- Work with the business stakeholders to close the internal and external audit and security testing findings
- Support the development, review, update and maintain Business Continuity Management policies, procedures and other documentation
- Support during the testing of Business continuity plans and recovery strategies
- Support during the IT DR Plan testing activities
- Maintain the BCMS documentation, such as continuity plans, recovery strategies
Skills on Resume:
- Asset Management (Hard Skills)
- ISO Compliance (Hard Skills)
- Incident Response (Hard Skills)
- Audit Readiness (Soft Skills)
- Risk Mitigation (Hard Skills)
- BCM Support (Hard Skills)
- DR Testing (Hard Skills)
- Stakeholder Engagement (Soft Skills)
6. Information Assurance Specialist, ManTech, Tampa, FL
Job Summary:
- Supporting the ISSO in reviewing, preparing, and updating Approval to Operate (ATO) packages in accordance with RMF in eMASS
- Collect security incident information for review by the ISSO
- Support various technical reviews and inspection teams
- Assist in delivering and monitoring compliance with IS security training
- Coordinate, prepare, and track IS inspections, reports, and responses
- Assist with the development and maintenance of the System Security Plan (SSP)
- Ensuring that all users have the requisite security clearances, authorization, and need-to-know
- Support vulnerability scanning, resolution, mitigation and documentation via POA&Ms
- Promoting awareness of security issues among management and the team
- Assist the team with developing technical briefings, reports, articles, and presentations
- Contributing to the resolution of database maintenance tickets, ensuring timely turnarounds
- Interpret custom requests and recommend appropriate maintenance actions to resolve
- Communicate select changes to external partners, confirming application and/or addressing feedback
- Draw insights from tickets to improve the efficiency and efficacy of records management
Skills on Resume:
- ATO Preparation (Hard Skills)
- Security Training (Soft Skills)
- Incident Collection (Hard Skills)
- Vulnerability Management (Hard Skills)
- Records Management (Hard Skills)
- Clearance Verification (Hard Skills)
- Technical Writing (Soft Skills)
- Team Communication (Soft Skills)
7. Information Assurance Specialist, Competitive Range Solutions LLC, Fort Meade, MD
Job Summary:
- Contribute to developing and defining Information Security policies, standards, guidelines and procedures to an agreed framework (ISO27000, NIST 800-171, UK Cyber Essentials)
- Support the development and maintenance of the global security policies
- Act as the IT Security representative on large projects, providing advice on the implementation of cybersecurity policies and standards in the area of network communications and network security appliances
- Support any wider cybersecurity initiative or projects
- Review compliance with information security policies and standards, configuration assessment, adherence to legal and regulatory requirements and recommend appropriate action
- Provide authoritative advice and guidance on the application and operation of all types of security controls including legislative or regulatory requirements
- Advise users on risk management, reduction and promote awareness in conjunction with the Global Security awareness program
- Identify, report and manage IT security risks and concessions
- Develops and conducts incremental Information Assurance self-assessments for each software delivery to ensure systems meet documented requirements
- Meets with government ISSO to discuss and plan remediation of IA vulnerabilities and creates POA&M responses to open items
- Reviews existing Information Assurance documentation and assists in making refinements, reducing operating time, and improving current techniques
- Support and regularly maintain RMF Documentation
- Conducts research and analyzes technology information relative to Information Assurance and security for the JFW
- Regularly conducts security tests of the JFW to ensure ISSO and STIG compliance in accordance with JFW system requirements
- Prepare and communicate Scan Analysis Result Reports for project management
- Review IAVAs weekly and assess the impact on JFW
Skills on Resume:
- Policy Development (Hard Skills)
- Security Compliance (Hard Skills)
- Risk Management (Hard Skills)
- STIG Testing (Hard Skills)
- RMF Documentation (Hard Skills)
- Advisory Support (Soft Skills)
- Awareness Promotion (Soft Skills)
- Scan Reporting (Hard Skills)
8. Information Assurance Specialist, Watermark Risk Management International, Colorado Springs, CO
Job Summary:
- Review software requirements to identify security and safety-critical software functions
- Design and test application and system-level insider threat mitigations
- Design positive and negative test scenarios to confirm the functionality of safety and security critical software mitigations
- Perform module and unit testing of cybersecurity features, including the manipulation of data for analysis of security requirements
- Support creation and updating of all relevant documentation and specifications for secure design, secure development and security testing
- Assisting with the cybersecurity subsystem requirements decomposition
- Be a lead risk manager for security accreditation activities
- Maintain and manage ISO 27001 security deliverables
- Provisioning necessary support to programmes, propositions and contract teams
- Ensuring they maintain and manage contracted security obligations (technical, physical and personnel)
- Manage security policies and processes to support the Security Policy Framework
- Maintain relevant security relationships with internal and external stakeholders and customers
Skills on Resume:
- Security Testing (Hard Skills)
- Risk Management (Hard Skills)
- Requirements Review (Hard Skills)
- ISO Maintenance (Hard Skills)
- Threat Mitigation (Hard Skills)
- Policy Management (Hard Skills)
- Secure Development (Hard Skills)
- Stakeholder Relations (Soft Skills)
9. Information Assurance Specialist, Tria Federal, Lexington, MA
Job Summary:
- Act as Service Lead for the Wired Infrastructure Service and act as Sandia Designated Representative (SDR) for purchase orders
- Review and evaluate telecom security requirements called out in national policy directives, orders, and memorandums as they pertain to Sandia National Laboratories (SNL)
- Provide technical evaluations of prohibited articles and the evaluation process to allow/disallow these devices into a secure space
- Coordinate with Sandia Field Office oversight regularly
- Customer support and cross-organization collaboration
- Coordinate with the customer and sometimes the manufacturer to obtain information to submit a new RTIW for approval and document the new RTIW requests point of contact (POC) for this program in coordination with other Subject Matter Experts
- Act as the point of contact for TEMPEST/PDS accreditation of computer security plans
- Coordinate and document the assessments/reviews for SNL TEMPEST locations that require an annual assessment to be performed
- Compile a database of all assessments for annual submission
- Coordinate, review, and revise TEMPEST and PDS plans for SNL and affiliated sites
- Compile and maintain a database containing these plans for annual submittal to DOE
- Coordinate and document the bi-annual technical inspection of the PDS at SNL and affiliated sites
Skills on Resume:
- Service Leadership (Soft Skills)
- Security Evaluation (Hard Skills)
- Policy Review (Hard Skills)
- Cross Collaboration (Soft Skills)
- Accreditation Support (Hard Skills)
- Vendor Coordination (Soft Skills)
- Plan Management (Hard Skills)
- Assessment Tracking (Hard Skills)
10. Information Assurance Specialist, ORBIS Inc, Washington, DC
Job Summary:
- Monitor laws, regulations, industry standards and best practices related to the confidentiality, integrity and availability of information
- Ensure the implementation of these standards in the organization
- Develop, maintain and interpret policies and procedures related to the protection of systems, networks, people, information and property
- Perform compliance and assessment activities related to information security, data privacy, incident management and risk management
- Develop risk mitigation plans with subject matter experts and ensure accountability for these actions
- Assess compliance, security, and control risks related to information systems and technical infrastructure
- Develop training and education materials and promote information security awareness
- Translate complex, technical concepts into business-relevant terms to facilitate effective decision-making by non-technical personnel
- Support audit activities both internal and external, related to information security
- Oversee and manage the DoD accreditation of secure operating systems and networks
- Collaborate with federal oversight/regulatory agencies to ensure company/program compliance with DoD requirements
- Manage information systems access requests and administer security awareness training programs
Skills on Resume:
- Regulatory Monitoring (Hard Skills)
- Policy Development (Hard Skills)
- Risk Mitigation (Hard Skills)
- Compliance Assessment (Hard Skills)
- Security Awareness (Soft Skills)
- Audit Support (Hard Skills)
- Access Management (Hard Skills)
- Technical Translation (Soft Skills)
11. Information Assurance Specialist, Sienna Systems Corporation, Fort Huachuca, AZ
Job Summary:
- Providing support to NAVAIR and NAWCAD programs to develop and conduct Assessment and Authorization (A&A) and Life Cycle Management documentation of systems and/or networks
- Assist with the development and maintenance of all necessary A&A documents for achieving either PIT Risk Approvals (PRA) or Authority To Operate (ATO)
- Provide coordination, tracking, and management through all aspects of the A&A process for the PM for the purpose of bringing NAVAIR and NAWCAD Systems into compliance with applicable laws, orders, directives, and instructions
- Ensure and maintain IAVA and STIG compliance and review all change requirements of the systems
- Evaluate and review proposed architectures and designs within the current and future system design
- Review, prepare, and update Navy, Army, and commercial authorization packages
- Advise the Program Manager and other program stakeholders regarding cybersecurity matters, including change control, Information Assurance Vulnerability Management (IAVM), and DoD and DoN policy
- Notify the customer when changes occur that might affect authorization
- Perform security self assessment, using the DISA Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP) and the Assured Compliance Assessment Solution (ACAS)
- Perform Independent Assessments as a Navy Qualified Validator (NQV), including developing the Security Assessment Plan (SAP), validating the program Self Assessment, using the above-mentioned tools, and completing the Security Assessment Report (SAR)
- Perform independent assessments for commercial enterprises
- Develop system-level policy documentation to address NIST control requirements
Skills on Resume:
- Authorization Support (Hard Skills)
- Compliance Tracking (Hard Skills)
- Security Assessment (Hard Skills)
- Cybersecurity Advising (Soft Skills)
- Architecture Analysis (Hard Skills)
- Report Writing (Hard Skills)
- Independent Validation (Hard Skills)
- Policy Creation (Hard Skills)
12. Information Assurance Specialist, Steel Point Solutions, Washington, DC
Job Summary:
- Ensures compliance with Air Force Systems Security Instruction (AFSSI) 8520, Identification and Authentication
- Ensures virus protection and security patches are properly installed
- Performs scans of desktop computers and reports incidents
- Ensures virus protection and security patches are properly installed
- Manages the Information Assurance Awareness Program (IAAP) and reports the status of annual training
- Ensures Time Compliance Network Orders (TCNO) are implemented within the timeframe and complies with the vulnerability and incident reporting procedures
- Applies EMSEC countermeasures and/or processes emission security (EMSEC) waivers and notifies the base Communications Squadron IA office on completion
- Periodically receive an inspection from the base Communications Squadron IA office to reassess EMSEC requirements
- Ensures all communication security (COMSEC) materials are properly safeguarded, inventoried, and COMSEC material users are properly trained
- Establishes and maintains information system security Officer (ISSO) and EMSEC continuity books using the base CS IA office-prescribed checklists
- Perform the Management Internal Control Toolkit (MICT) input for review
- Acts as Functional Systems Administrator (FSA) and Client Support Administrator (CSA) to process all network (NIPRNET) and customer AIS support functions
Skills on Resume:
- Security Compliance (Hard Skills)
- Virus Protection (Hard Skills)
- System Scanning (Hard Skills)
- Training Management (Soft Skills)
- TCNO Implementation (Hard Skills)
- EMSEC Control (Hard Skills)
- COMSEC Safeguarding (Hard Skills)
- System Administration (Hard Skills)
13. Information Assurance Specialist, Stratum Networks, Linthicum, MD
Job Summary:
- Responsible for interpreting Federal Government, Department of Defense (DOD), Department of the Army (DA), Network Enterprise Technology Command (NETCOM), and local Information Assurance and security guidance, directives, and taskings
- Develops, promulgates, and monitors compliance with policies, methods and procedures about the Army Information Assurance Program (AIAP) for the Product Manager
- Develop accreditation packages that conform to the prevailing DOD and DA regulatory guidance and prepare all accreditation and approval documents
- Providing up-to-date HMG/MoD IA policy and governance advice
- Undertaking HMG IS1&2 compliant threat and risk assessment activities
- Writing clear and comprehensive Risk Management Accreditation Document Sets (RMADS)
- Providing Security Impact Assessment reports to mitigate specific security vulnerabilities/risks associated with an initial design or design change
- Developing HMG and MoD standard-compliant technical system security architectures, and providing system design advice on the solutions
- Managing the security accreditation process for ICT projects
- Developing and undertaking the security aspects of a project's verification and validation testing
- Providing IA support to the wider business
- Providing support to new business development teams in the relevant professional area of expertise, including the provision of feasibility studies and support to campaigns
- Establishing technical relationships with partner contractors
- Represent the Company at industry and HMG events
Skills on Resume:
- Policy Interpretation (Hard Skills)
- Risk Assessment (Hard Skills)
- RMADS Writing (Hard Skills)
- Security Architecture (Hard Skills)
- Accreditation Management (Hard Skills)
- Impact Reporting (Hard Skills)
- IA Consultation (Soft Skills)
- Stakeholder Engagement (Soft Skills)
14. Information Assurance Specialist, ARSIEM Corporation, Monterey, CA
Job Summary:
- Conduct IA and Windows workstation system administrative duties on DOD networks
- Independently providing support with the implementation requirements of the Defense Information Systems Agency (DISA) standards (eMASS, STIG, SCAP, and ACAS)
- Executes Windows Patch Management, Windows Server Update Service (WSUS), and Host-Based Security Service (HBSS)
- Documents the assessment results
- Perform analysis of information system security controls, information systems and applications for weaknesses and document recommendations addressing security measures to protect information against loss of confidentiality, integrity and/or availability
- Lead and direct the work of others associated with the assessment team
- Assist with monitoring the command’s Joint Worldwide Intelligence Communications Systems (JWICS) network security postures
- Ensure Automated Information Systems (AIS) operations and administration are conducted in accordance with Public Laws, Executive Orders and policies of various national-level agencies
- Provides Information Assurance (IA) support for exploitation systems, related applications, end user devices, servers, network attached storage, database archives and video dissemination/display architecture and systems
- Coordinates and collaborates with the Government and other contractors to support and documentation of connectivity and problem resolution issues for HQ AFSOC and HQ USSOCOM
- Coordinates all IA documentation and feedback with the HQ USSOCOM IA office while keeping SGIP Program Managers on system IA posture
- Assists in the formulation of adequate regulatory procedures in the safeguarding of classified defense and other protected information
- Provides system, technical and permissions (i.e., security, policy, access) training to the Government
- Performs Information Systems Security Manager (ISSM) duties for AFSOC SGIP systems, including compilation of supporting data and submission and management of AFSOC-related SGIP Risk Management Framework (RMF) projects
- Performs continuous monitoring functions
- Manages system security patching as directed by SOF Information Enterprise (SIE) owners with minimum impact to operations
- Tests and identifies impacts to operations before updating systems
Skills on Resume:
- IA Administration (Hard Skills)
- Patch Management (Hard Skills)
- Security Assessment (Hard Skills)
- System Monitoring (Hard Skills)
- RMF Management (Hard Skills)
- Team Leadership (Soft Skills)
- Compliance Support (Hard Skills)
- Technical Training (Soft Skills)
15. Information Assurance Specialist, ENS Solutions LLC, Springfield, VA
Job Summary:
- Develop a security plan using the Risk Management Framework (RMF) for DoD Information Technology (IT)
- Develop and adjudicate Plan of Action and Milestones (POA&M)
- Assess STIG findings and results
- Develop configuration management plans
- Conduct information system contingency plan and exercises
- Coordinate operational cybersecurity Issues
- Lead mitigation of vulnerabilities derived from security scans
- Perform security incident management
- Ensure Time Compliance Network Order (TCNO) compliance
- Perform cybersecurity-related tests and evaluations
- Write a vulnerability management plan
- Provide security impact letters for each release
Skills on Resume:
- Risk Planning (Hard Skills)
- Plan Management (Hard Skills)
- STIG Review (Hard Skills)
- Contingency Testing (Hard Skills)
- Cyber Coordination (Soft Skills)
- Vulnerability Control (Hard Skills)
- Incident Handling (Hard Skills)
- Release Documentation (Hard Skills)
16. Information Assurance Specialist, Kalman & Company Inc, Edgewood, MD
Job Summary:
- Daily download, test, and installation of virus definition files
- Daily monitoring to ensure anti-virus/anti-malware protection is maintained
- Coordinate scanning file/folder exclusions with other application owners
- Resolve incidents related to anti-virus/anti-malware
- Coordinate with the Services Operations Unit support teams to reconcile computers with compliance issues or for assistance with temporary workarounds
- Plan and carry out projects for routine application or hardware upgrades
- Provide compliance reports from the ePO or other anti-virus console to management and customers
- Monitor the anti-virus vendor support notification service (SNS) for critical information, i.e., alerts, notices, patches, and upgrades
- Test and install operating system patches (offered by the Service Operations Unit) on antivirus servers
- Monitor requirements within the environment regarding server disk space capacity
- Download, test, and install application patches
- Prepare anti-virus/anti-malware requirements for baseline image generation
- Coordinate with other IT Services Divisions
- Review and respond to Service Manager or other FBI ticketing system incidents related to anti-virus/anti-malware
Skills on Resume:
- Virus Management (Hard Skills)
- Patch Installation (Hard Skills)
- Incident Resolution (Hard Skills)
- Compliance Reporting (Hard Skills)
- System Monitoring (Hard Skills)
- Upgrade Planning (Hard Skills)
- Image Preparation (Hard Skills)
- Team Coordination (Soft Skills)
17. Information Assurance Specialist, Spectrum Comm Inc, Norfolk, VA
Job Summary:
- Responsible for creating, recovering, and revoking PKI credentials
- Conduct training on PKI operations and the use of PKI certificates
- Determines enterprise information assurance and security standards
- Develops and implements information assurance/security standards and procedures
- Coordinates, develops, and evaluates security programs for an organization
- Recommends information assurance/security solutions to support customers' requirements
- Identifies, reports, and resolves security violations
- Supports customers at the highest levels in the development and implementation of doctrine and policies
- Applies know-how to government and commercial common user systems, as well as to dedicated special-purpose systems requiring specialized security features and procedures
- Performs analysis, design, and development of security features for system architectures
- Analyzes and defines security requirements for computer systems, which may include mainframes, workstations, and personal computers
- Designs, develops, engineers, and implements solutions that meet security requirements
- Provides integration and implementation of the computer system security solution
- Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems
- Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle
- Ensures that all information systems are functional and secure
Skills on Resume:
- PKI Management (Hard Skills)
- Security Training (Soft Skills)
- Standards Development (Hard Skills)
- Program Evaluation (Hard Skills)
- Security Engineering (Hard Skills)
- Risk Analysis (Hard Skills)
- Policy Support (Soft Skills)
- System Integration (Hard Skills)
18. Information Assurance Specialist, SPECIAL Aerospace Security Services Inc, Washington, DC
Job Summary:
- Stays current with headquarters’ policies and provides recommendations for new or updates to local policies, procedures and standards based on NIST 800-53 standards, headquarters changes, and best practices
- Develops recommended new or updated local policies, procedures, and standards
- Provides promptly, summary advisory and assessment reports outlining the effects of headquarters’ policy changes or recommendations to local policies
- Provides, promptly, a Policy Change Summary Report for the development of new or updated policies, procedures, standards, strategies, network architecture, etc.
- Utilize ACAS to scan systems, review scan results, and prioritize vulnerabilities
- Create promptly, customized reports to recommend the best course of action to mitigate newly found vulnerabilities
- Disseminate promptly, system scan results to technical team leads to facilitate system patching
- Develops and tracks Plans of Action and Milestones (POA&M) items to resolution in support of IA compliance
- Conducts RMF-compliant Security Assessment and Authorization (SA&A) in line with NIST and client guidance and directives for new and existing applications, systems, and programs, including evaluation of organizational policies, procedures, and security measures
- Provide recommendations to system stakeholders for appropriate mitigation techniques or strategies in support of risk acceptance decisions
- Submit all documentation for obtaining an Authorization to Operate/Connect to the Approving Officer
- Maintain eMASS records and RMF artifacts to support system accreditation
- Provide monthly status reports of SA&A activities
Skills on Resume:
- Policy Development (Hard Skills)
- Vulnerability Scanning (Hard Skills)
- Risk Mitigation (Hard Skills)
- RMF Compliance (Hard Skills)
- POA&M Tracking (Hard Skills)
- eMASS Management (Hard Skills)
- Report Writing (Soft Skills)
- Stakeholder Advising (Soft Skills)