Information Systems Architect Mid

INFORMATION SYSTEMS ARCHITECT MID

Location: Quantico, VA - MCSC - Lester St - Woodbridge Team 

Clearance: TS/SCI

Education Level: High School Diploma or General Equivalency Diploma (GED)

Years of Experience: 5

Salary Range: 115,000 - 125,000

Required Certification:  

• Must have a current DoD IAT Level II certification such as CompTIA Security+ certification. 
• Must be able to obtain one additional certification such as CCNA, MCSA, MCSE, Linux+, VCP, or equivalent within 6 months of hire date. 

Job Description

Assist the Government Lead in daily tasks to ensure all systems have current Authorizations to Operate (ATOs). Facilitate Assessment and Authorization (A&A) for Information Systems to ensure data availability, integrity, authentication, confidentiality, and non-repudiation. Through A&A review processes, ensure security measures are implemented for communication systems and networks, and provide guidance to ensure systems and personnel adhere to established security standards and Governmental requirements for security on these systems.

Develop and execute security policies, plans, and procedures. Initiate creation of A&A packages to support receipt of Authorizations to Operate (ATOs), collaborate with Engineers to gather required information for A&A packages, and update A&A packages as required. Perform lifecycle maintenance of A&A packages ensuring ATOs do not expire without proper updates.

Update Department of the Navy (DON) Application and Database Management System (DADMS) and Department of Defense Information Technology Portfolio Repository – Department of the Navy (DITPR-DON). Submit Ports and Protocols with all supplemental documentation to DISA for approval. Submit tickets to initiate action from Headquarters Marine Corps (HQMC) Command, Control, Communications, and Computers (C4) Cybersecurity Division (CY) for approval and ensure appropriate action is taken by designated points of contact.

Assist with validation of A&A packages as required by the Government. Review and provide input for Operational Plans of Action and Milestones (POA&Ms) for submission to Action Officers. Conduct vulnerability scans using Assured Compliance Assessment Solution (ACAS) and assist Engineers in documenting system vulnerabilities.

Perform vulnerability management using Tenable SecurityCenter, Nessus, RedSeal, BigFix, Security Content Automation Protocol (SCAP) Compliance Checker (SCC), HP Fortify, other automated tools, and manual inspection techniques. Document vulnerabilities in the RSA Archer eGRC system and report vulnerability statistics. Apply experience with the Department of Defense Information Assurance Program (DIACAP) and Risk Management Framework (RMF).

Responsibilities

• Assist the Government Lead with daily Assessment and Authorization (A&A) activities.
• Support lifecycle maintenance of A&A packages to ensure continuous Authorization to Operate (ATO) coverage.
• Develop, update, and maintain RMF and DIACAP documentation.
• Maintainaccuratesystem records in DADMS and DITPR-DON.

• Prepare and submit Ports and Protocols documentation to DISA.
• Submit and track cybersecurity action requests with HQMC C4 Cybersecurity Division (CY).
• Assistin validation and review of A&A packages.
• Review and provide input to Plans of Action and Milestones (POA&Ms).
• Conduct vulnerability assessments using ACAS and related tools.
• Document and track vulnerabilities in RSA ArchereGRC.
• Reportvulnerabilitymetrics and remediation status.

Qualifications

• Minimum offive(5) years of experience in Information Technology projects.
• Experience supporting DoD Assessment and Authorization (A&A) processes.
• Experience with Risk Management Framework (RMF) and DIACAP.
• Hands-on experience with ACAS vulnerability scanning.
• Experience using Tenable SecurityCenter, Nessus, RedSeal, BigFix, SCC, and HP Fortify.
• Experience documenting vulnerabilities and remediation actions in RSA ArchereGRC.
• Ability to coordinate cybersecurity activities with Government and engineering stakeholders. 

Education & Certifications

• High School Diploma or General Equivalency Diploma (GED).
• CompTIA Security+ as required by DoD 8140 Cyber Workforce Qualification requirements.
• Preferred:Information Technology Infrastructure Library (ITIL) version 3 Foundation certification.
• Active Secret Security Clearance (T3 Investigation).

Physical Requirements

• May require lifting andmovingoffice supplies, furniture,equipmentand boxes weighing up to 25 lbs.
• May require the ability to work at multiple locations and travel nationally, as needed.

The above information in this description has been designed to indicate the general nature and level of work performed by an employee in this classification. It is not to be interpreted as a comprehensive inventory, or all duties, responsibilities, and qualifications of employees assigned to this job. Management has the right to add to, revise, or delete information in this description. Reasonable accommodation will be made to enable qualified individuals with disabilities to perform the essential functions of this position.

To apply, please email a cover letter and your resume to HR@uluhitech.com.