DTRA - Information Assurance Engineer (Staff)

US-VA-Fort Belvoir
Job ID
# of Openings
Clearance Requirement
Education Requirement
Bachelor's Degree
Experience Level
8570 Compliant


SMS is a fast growing, veteran-owned business that's has supported Federal Government's IT initiatives for over four decades.  We work side-by-side with our Federal clients as a trusted, long-term partner to offer innovative advice and leadership to solve their most pressing and complex problems. We orchestrate people, strategies, technologies and best-of-breed business processes. The SMS advantage in management and technology consulting includes deep domain expertise in complex networking design and unifying communities of interest. 


We have strong capabilities in design & build, planning, governance, quality management, security, analytics, virtualization, operations and business process improvement. For 40 years, SMS has brought customer satisfaction to Federal clients and formed lasting alliances with leading technology companies and talented small businesses to deliver joint, leading-edge, cost-effective services and products. 

Submit your resume today!


Seeking a Department of Defense (DoD) Risk Management Framework (RMF) expert to lead various IT security risk management tasks and policy oversight across the Defense Threat Reduction Agency (DTRA) in a high-paced, dynamic environment. Responsibilities and tasks may include some or all of the following:

  • Running ACAS scans, SCAP scans and manually going through STIG checklists
  • Very strong technical experience on Microsoft
  • Helping with the preparation of the Security Assessment Plan
  • Expert with a complete security control validation and assessment of a system or network to address known threats and vulnerabilities. The evaluation must consider and identify impacts as well as consideration of existing risk mitigation strategies
  • Developing Plan of Action and Milestones (POA&M) based on the assessment results
  • Ensure traceability of all vulnerabilities from raw assessment results to the POA&M
  • Conducting required vulnerability analysis to support mitigation and residual risk determination
  • Assisting with eMASS data entry requirements
  • Supporting the continuous monitoring program as necessary when Information System Continous Monitoring (ISCM) results will be used to support continuing authorization requirements or ongoing authorizations


Required Skills

  • Expert with RMF accreditation packages
  • Experience in all steps of the RMF process
  • Expert in evaluating security controls and compliance on a variety of hardware and software systems
  • Expert with eMASS
  • Excellent Communication skills
  • Ability to work effectively independently as well as within a team environment
  • Experience with assessing ACAS scans and importing into eMASS
  • Demonstrated a strong work ethic and ability and willingness to take on new challenges
  • Experience with writing SSPs

Desired Skills

  • Software Security Engineering
  • CAP Certification
  • Reading and interpreting network and dataflow diagrams
  • Experience with PPSM requirements





SMS is an Equal Opportunity Employer. 


SMS is a veteran-owned network integrator established in 1976.  With an employee retention rate averaging over 5 years, our ability to hire quality people and retain them in a rapidly evolving IT market proves why we are a world-class information technology company. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices. As a result, SMS is proud to be ISO 9001:2008 Registered and a CMMI Level 3 certified company, ensuring that we continue to meet and exceed the expectations of our customers, partners and employees.  


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed