INFORMATION ASSURANCE SPECIALIST SKILLS, EXPERIENCES, AND JOB REQUIREMENTS

Published: Sep 3, 2025 - The Information Assurance Specialist is responsible for developing and managing RMADS, security architectures, and system accreditations in compliance with HMG and MoD Information Assurance standards. This role requires strong knowledge of eMASS, IS1&2, CESG Good Practice Guides, and the ability to conduct detailed threat and risk assessments for defense ICT systems. The specialist also applies systems engineering principles to evaluate design impacts on development costs and collaborates across teams to ensure secure, compliant, and cost-effective solutions.

Essential Hard and Soft Skills for an Information Assurance Specialist Resume
  • Risk Assessment
  • Vulnerability Analysis
  • Access Management
  • Security Compliance
  • STIG Compliance
  • ISO Standards
  • RMF Documentation
  • Incident Response
  • Policy Development
  • Security Testing
  • Team Collaboration
  • Security Awareness
  • Technical Writing
  • Stakeholder Engagement
  • Vendor Coordination
  • Policy Advising
  • Cross Collaboration
  • Service Leadership
  • Audit Readiness
  • Advisory Support

Summary of Information Assurance Specialist Knowledge and Qualifications on Resume

1. BS in Software Engineering with 7 years of Experience

  • Ability to facilitate engagement with peers
  • Proven dedication and willingness towards continuous improvement and learning new skills and capabilities
  • Open-minded, with experience of, or readiness to adapt to, new ways of working (agile)
  • In-depth experience in technical security support with a variety of systems and applications
  • Evidential experience as a subject matter expert in the evaluation and implementation of technical security products for Public or Private sector organisations
  • Able to provide analytical advice on the security implications of new and existing systems and for all proposed changes to said systems
  • Able to interpret detailed system design documentation and identify potential security risks and mitigations to implement secure and appropriate security solutions
  • Able to effectively communicate, both verbally and in writing, highly technical aspects of the field of expertise, to management, clients and staff at all levels
  • Experience in performing formal risk assessments and production of Risk Management and Accreditation Documentation (RMADS) in line with Government policy
  • In-depth experience in security technical support with a variety of systems and applications
  • Experience in the application of security frameworks, e.g., ISO27000 series, NIST-800, and associated assurance activities
  • Must have recognised Security certifications, e.g., CISSP, CISM, CCSK or equivalent

2. BS in Computer Engineering with 8 years of Experience

  • Must have Security+ CE certification or an IAM Level I DoD 8570 certification
  • In-depth knowledge of computer operating systems
  • Ability to quickly troubleshoot problems
  • Extensive knowledge and expertise with eMASS
  • Excellent project management skills
  • Experience with providing incident response by investigating and reporting classified messaging incidents
  • Demonstrable understanding of digital, virtualisation and containerisation technologies
  • Demonstrable understanding of the application of security principles within an agile delivery framework
  • Proven experience in assessing and managing technical risk
  • Ability to provide technical security advice to business areas and to provide technical security input to the security risk registers
  • Understanding of current and emerging Security technologies
  • Demonstrable understanding of Security products such as Palo Alto, Bluecoat, McAfee, Cisco, NSX and RSA Envision

3. BS in Cybersecurity with 3 years of Experience

  • Experience in information assurance and the application of security controls
  • Knowledge and experience with DOE/NNSA cybersecurity orders and policies
  • Prior system or network administrator experience, to include a detailed understanding of common operating systems (e.g., Windows, Linux, and Mac) and networking architectures
  • Ability to obtain and maintain a DOE Q clearance
  • Experience with Risk Management Framework as detailed in NIST publications
  • Prior experience as an Information System Security Officer (ISSO)
  • Must have a Certified Information Systems Security Professional (CISSP) certification
  • Strong written and verbal communication skills and previous technical writing experience

4. BA in Public Administration with 7 years of Experience

  • Experience with RMF and compliance activities (DoD RMF, DIACAP, FISMA, NIST, FedRAMP, PCI DSS, HIPAA)
  • Experience developing Navy and Army A&A artifacts, in support of RMF Steps 1-4
  • Experience conducting assessments using STIGs
  • Working knowledge of Windows and Linux Operating Systems
  • Experience with ACAS and SCAP scanners
  • Ability to work independently in remote and on-site environments
  • Strong written and oral communication skills
  • Experience conducting Independent Assessments and Validations in support of RMF Step 4
  • Experience in working on Risk Management Framework (RMF) Certification and Accreditation Testing and Validation process of application software and computer systems for cloud platforms (e.g., AWS and Azure)
  • Familiar with DoD network security practices and Security Technical Implementation Guides (STIGs)
  • Understanding of encryption technologies including Hardware Security Modules (HSMs)
  • Experience executing projects with similar requirements, scope, and size

5. BS in Information Technology with 6 years of Experience

  • Experience or an NQV Level II appointment 
  • Ability to work independently and as part of a team in researching data and developing analytical techniques and methodologies
  • Working knowledge of the Navy’s eMASS system
  • Working knowledge of HMG guidance to include the Security Policy Framework and Information Assurance Standards, CESG Good Practice Guides, and MoD-specific standards, in particular JSP440
  • Experience in developing and writing all parts of RMADS for MoD / HMG ICT systems, in accordance with HMG IS1&2 and CESG GPG47
  • Experience in undertaking threat and technical risk assessments in accordance with the CESG Technical Threat Briefings and HMG IS1&2
  • Experience in developing system security architectures (technical and procedural) compliant with the requirements of HMG/MoD IA standards
  • Experience of managing system security accreditation in accordance with the HMG/MoD IA standards, including attendance at MoD Security Working Groups as an IA Subject Matter Expert
  • Good understanding and experience of the principles of systems engineering as applied to large defence procurement programmes
  • Clear understanding of the effect that system design and change have on the cost of development