|Title:||Information Assurance Engineer|
|Location:||Colorado Springs, CO|
Braxton Technologies, LLC, a division of Braxton Science & Technology Group (BSTG), a technology solutions company, has an opening for an early career Information Assurance (IA) Engineer to support our growing business.
Location: Colorado Springs, Colorado
Job Title: Information Assurance (IA) Engineer
Salary: Competitive, commensurate with industry standard and experience
Shift: M-F, Days
Travel: Occasional travel possible
- Perform assessment of systems and networks within the networking environment and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits using STIG Viewer, SCAP, etc and active evaluations such as vulnerability assessments utilizing ACAS.
- Perform assessments of non-technical RMF artifacts and identify where those artifacts deviate RMF control requirements.
- Establish strict program control processes to ensure mitigation of risks and supports obtaining assessment and authorization of systems. Includes support of process, analysis, coordination, control certification test, compliance documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
- Assist in the implementation of the required government policy (i.e., NISPOM, NIST, DoD), making recommendations on process tailoring, participating in and documenting process activities.
- Perform analyses to validate established cybersecurity controls and requirements and to recommend cybersecurity safeguards.
- Support program test milestones through pre-test preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorization.
- Prepare artifacts such as Test Results (TR), Authorization Boundary Diagrams (ABD), Network Topologies, Flow-diagrams, Hardware and Software listings, Ports, Protocols, and Services Management documentation, supporting Assessment and Authorization activities and maintain the Plan of Actions and Milestones (POA&M).
- Periodically conduct a complete review of each program support and operational system's audits and monitor corrective actions until all actions are closed.
- Coordinate across the program to address identified deficiencies during RMF assessment activities.
- Current Security+ certification (DoD Approved 8570 Baseline; IAT Level II) required to start
- Security engineering skills with a working knowledge of cybersecurity technology and DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53, etc.).
- Thorough understanding and utilization of Enterprise Mission Assurance Support Service (eMASS)
- Experience with the Xylok compliance scanning application
- Familiarity in the Risk Management Framework (RMF) Cybersecurity Lifecycle to include: identifying controls and overlays, generating testable requirements, identifying resilient architecture design, configuring, running, and scripting audit tools, providing analysis of vulnerability analyses, conducting verification testing for compliance assessment.
- Experience creating and updating Python scripts
- Experience with Software Assurance (SwA) static and dynamic code analysis
- Experience with Security Information and Event Management (SIEM) solutions (e.g. QRadar/LogRhythm)
- Experience with Host Based Security System (HBSS)
Minimum Security Clearance
- Active DoD Secret Security Clearance preferred (or used within the past 2 years)
- US Citizenship is required
Minimum Years of Experience
- High school Graduate and 3+ years, Associates and 2+ years, or Bachelor’s and 1+ years
Each division of BSTG is an AAP/EEO employer.
Alternatively, you can apply to this job using your profile on one of the following sites: