Information Assurance Engineer

Full-time

Description

Information Assurance Engineer (Mid)

Primary Location: Ft Belvoir, VA

Clearance: Active TS/SCI w/ability to obtain CI Poly

Ability to work remotely: No

Job Summary

Obsidian Solutions Group (OSG) is seeking an Information Assurance Engineer to provide direct support of Department of Defense (DoD) Cybersecurity Reviews, inspections, evaluations, audits, assessments, Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) missions, and supported self-assessments of the DoD Information Network (DODIN).

The Engineer will conduct technical and traditional security assessments across multiple technology areas to ensure compliance with applicable Security Requirements Guides (SRGs), Security Technical Implementation Guides (STIGs), DoD policy, Cyber Tasking Orders, and Operational Orders.

Specific Responsibilities

• Plan, coordinate, and conduct Cybersecurity Reviews in accordance with the DoD Cyber Workforce Framework (DCWF).
• Evaluate compliance with SRGs, STIGs, and applicable DoD cybersecurity policies.
• Assess and document findings in the following areas (including emerging technologies as assigned):
• Boundary Security (firewalls, network device management)
• Network Infrastructure (routers, switches, policies)
• Domain Name System (DNS)
• Exchange Server
• Network Vulnerability Scans
• Virtual Infrastructure and Environments
• Cross Domain Solutions (CDS)
• Endpoint Security Solutions
• Mobility (wireless, BES, handheld devices)
• Voice and Video over IP (VVoIP)
• Databases (Oracle, SQL)
• Windows and UNIX Infrastructure
• Web Services and Servers
• Supply Chain Risk Management (SCRM)
• Traditional Security disciplines (personnel, physical, industrial, and counterintelligence security)
• Execute Traditional Security Reviews using the Traditional SRR Checklist; input results into government-designated tools or repositories.
• Conduct vulnerability scanning, including preparation of scanning packages, forms, and documentation; perform scans per the Vulnerability Scan Procedures Guide.

Requirements

Desired Skills

• System Administration experience on servers and workstations, network administration experience using various network devices.
• Experience with DCO-IDM missions and Defensive Cyber Operations.
• Proficiency in using DISA STIG tools, ACAS, and other automated scanning tools.
• Experience in Supply Chain Risk Management (SCRM) assessments.
• Familiarity with emerging DoD technologies and related security standards.
• Advanced industry certifications such as CISSP, CISM, or CEH.
• Ability to work independently and collaborate with application developers and engineers.
• Capability to document installation instructions and troubleshooting guides.

Experience and Education

• Bachelor's Degree in Computer Science, Information Technology, or closely related discipline (or substantial compensating operational experience)
• Of the 5 years of IT Security experience, must have at least 2 years’ experience as a dedicated System Administrator, ISSO, Security Analyst, or managing validation and compliance audits.
• Demonstrated experience in DoD cybersecurity assessments, inspections, or vulnerability analysis.
• Industry recognized and accepted certifications relating to IT security preferred (CISSP, GIAC, CEH, CASP+, Security+, CCNP Security, Network+, etc.). CISSP certified is highly desired.
• Five (5) years of experience in IT security, including SA&A and/or IT security risk analysis, preferably in support of the Federal Government.
• Knowledge of Federal Government SA&A practices and policies, particularly FISMA and NIST Special Publications 800 series.

.

Physical Requirements and Work Environment

• Shift: Monday – Friday
• Ability to lift up to 25 lbs of equipment.

Travel

• Limited local travel may be necessary.

Company Description

Obsidian Solutions Group LLC (OSG) is a fast-growing professional services firm based in Fredericksburg, VA. We create value for our customers by delivering technology-enabled & mission-oriented technical solutions that solve complex problems, protecting people, information, and assets. Our core capabilities are in providing Enterprise IT, Intelligence Analysis, Production & Development and Knowledge-Based Professional Services Solutions that enable the customer’s mission. Obsidian Solutions Group LLC is a certified 8(a), service-disabled, veteran-owned small business.

A career at Obsidian Solutions Group means you are able to put your expertise, credentials, and talents to great use working with customers in the DOD and Intelligence Community, while enjoying the excitement of working in a fast-growing organization committed to making a difference for our customers and in our community. Contribute independently and collaboratively alongside our amazing team of doers and thinkers. Obsidian Solutions Group is small enough to offer a family atmosphere yet large enough to deliver a highly competitive compensation package. We hire and retain the best in the industry, offering exceptional benefits that protect the well-being of our employees, their spouses and domestic partners, and their families.

Our corporate philosophy is centered on hiring and retaining employees with the requisite skills, professional experience, personal commitment, and ethical standards necessary to foster a culture of operational excellence necessary to surpass our customer’s expectations.

Disclaimer

The above information on this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.

Obsidian Solutions Group is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, parental status, protected veteran status, and any other non-merit factor, or any other characteristic protected by law.