Information Assurance Analyst

Information Assurance Analyst

Discover a career of innovation and impact at ARServices, Limited (ARServices). With decades of excellence in tackling complex challenges in defense, security, and national intelligence, we're leading the way forward. Join our dynamic team of experts, where Agility, Reliability, and Success are not just values but a way of life. As a graduated 8(a) company and Small Disadvantaged Business headquartered in Falls Church, VA, with a national presence, ARServices offers an exciting opportunity to shape the future while advancing your career. Join us and be part of something extraordinary.

ARServices is seeking an Information Assurance Analyst to work in the Edgewood, MD area.

The Joint Program Executive Office for Chemical, Biological, Radiological and Nuclear Defense (JPEO-CBRND) manages our Nation's investments in chemical, biological, radiological, and nuclear (CBRN) defense equipment and medical countermeasures. Within JPEO-CBRND, the Joint Project Lead Chemical, Biological, Radiological and Nuclear (JPL CBRN) Integration (INT) manages the total lifecycle of enterprise information technology systems and provides enterprise-wide CBRN threat warning and reporting, hazard prediction, and decision support capabilities for the collection, analysis, and dissemination of CBRN defense information. The Information Assurance Analyst will support JPL CBRN INT's CBRN Information Systems (IS) office by contributing to its mission of delivering and enabling a rapidly scalable, cloud-based application providing timely, fused, and easily accessible CBRN Warning Reporting and Hazard Prediction capabilities to the Joint Warfighter and international partners.

A qualified candidate's duties and responsibilities include, but are not limited to:

• Examining JPEO- CBRND programs and system characteristics to determine whether compliance with DoDI 8500.01 is recommended or required and developing an Acquisition Cybersecurity Strategy when required.

• Ensuring that each JPEO-CBRND program, when required, has a cybersecurity strategy that is consistent with DOD policies, standards, and architectures, to include relevant standards.

• Assisting in the identification of Critical Program Information (CPI) and Critical Technology in terms of their importance to the program being developed.

• Assisting in the identification of foreign collection threat to the program, identifying elements that require classification, and determining the phases at which such classification should occur and the duration of such controls.

• Providing support for Development Test (DT), User Demonstration (UD), User Feedback Event (UFE), Operational Assessment (OA), and Operational Test (OT) events and addressing each CPI as well as other relevant information requiring protection, including export-controlled information and sensitive but unclassified information.

• Managing the Host-Based Security System (HBSS) and installing, configuring, and maintaining computer and network security software, including instances of the Assured Compliance Assessment Solution (ACAS), the Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) Viewer, and other cybersecurity software test and scanning software applications.

• Documenting programs' overall cybersecurity approach and requirements, including determining the appropriate Certification and Accreditation (C&A) process, contributing content for Life Cycle Management Plans (LCMPs), assisting programs in the creation of a Security Classification Guide (SCG), and assisting in the development of Program Protection Plans (PPPs) Appendix E, the Cybersecurity Strategy.

• Leveraging IEW services while working in conjunction with JPMs/JPLs/across the JPEO-CBRND to facilitate risk management framework activities.

• Ensuring fielded information systems and networks are defended to maintain confidentiality, integrity, availability, authentication, and non-repudiation by identifying, developing, and applying risk management framework technical-, operational-, and management-related security controls and protection mechanisms.

• Guiding JPEO-CBRND programs in the development of acquisition cybersecurity strategy.

• Assisting in the identification of Critical Technology and address CPI as well as other relevant information requiring protection, including export-controlled information and sensitive but unclassified information.

• Interfacing with JPMs/JPLs customers, representing JPMs/JPLs in discussions concerning cybersecurity, including (but not limited to) topics which address use of the DISA STIG in the software application and system development process, use of the DISA Enterprise Mission Assurance Support Service (eMASS) tool to document program progress during the C&A process, and the Risk Management Framework and its critical alignment with a program's System Development Life Cycle (or Software Development Life Cycle, as appropriate).

• Leveraging SSA services while working in conjunction with JPMs across the JPEO-CBRND to facilitate risk management framework activities.

Security Clearance Requirement:

Active/current Secret clearance is required.

Required Qualifications:

• A minimum of three (3) years of experience providing information technology support services, including information assurance.

• Excellent organizational skills and senior-level interpersonal and communication skills, both oral and written.

• Proficiency with the Microsoft Office Suite.

• Risk Management Framework (RMF) Training.

• Active Security+ certification.

• Ability to take the International Information Systems Security Certification Consortium (ISC) 2™ Certified Authorization Professional (CAP) Certification Prep Self Study (11 hours) upon start.

• Ability to travel up to 20% Continental United States (CONUS) and less than 10% Outside Continental United States (OCONUS).

ARServices is an Equal Opportunity/Affirmative Action Employer committed to hiring and retaining a diverse workforce, including protected veterans and individuals with disabilities.