Sr. Information Assurance Officer

SMS is seeking a highly motivated experienced Information Assurance Officer (IAO) in support of a dynamic team at Maxwell AFB, Gunter Annex, AL.  The IAO will support and maintain the authorization of the systems throughout the RMF life-cycle. Provide support and technical expertise related to Defense in Depth principles and technology in security engineering designs and implementation. Be responsible for obtaining and maintaining ATO/ATC. The candidate will be able to fully support new and existing inspectable DoD programs. They will manage the Information Assurance team and their work products, ensuring high quality performance and deliverables.

SMS has been serving the advanced information technology needs of the federal government since 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers’ missions for more than 40 years. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. For additional information on SMS, visit www.sms.com. 

Submit your resume today! 

Duties and Responsibilities:

• Assist Information Assurance Team with implementing and maintaining policies and procedures.
• Ensure other IT support personnel monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks.
• Communicates with internal and external project team members to implement solution designs and changes to the organization’s processes, hardware, software, and data.
• Coordinates with personnel on system security compliance and Information System Authority to Operate /Authority to Connect (ATO/ATC).
• Ensure Configuration management policies and procedures for authorizing the use of hardware/software on an IS are followed.
• Coordinate Information Security Reviews, Security Inspections, and Tests Results.
• Assesses system security threats/risks.
• Validates system security requirements definitions and analysis.
• Assists PMO with assessment and authorization process as needed.
• Monitor and manage Plan of Action and Milestones (POA&M) to address vulnerabilities and compliance issues.
• Tracks and validates security incidents, which requires to investigating, documenting, reporting, and providing future protective and corrective measures in response to such incidents. Ensure proper measures are taken when an incident or vulnerability is discovered.
• Provide expert knowledge in Vulnerability Management and ensure systems are up-to-date and secure.
• Leads briefings on system security compliance and Information System Authority to Operate / Authority to Connect (ATO/ATC) compliance, expiration and actions.
• Implements the Risk Management Framework (RMF) methodology.
• Populates and maintains eMASS with compelling evidence and artifacts to support system accreditation actions.
• Collaborates with the Program Managers, AF Intelligence Community Information Assurance Program Managers, ISSOs and configuration managers to maintain an effective risk assessment process.
• Ensures data stewardship (confidentiality, integrity, and availability) is established for each IS, and specific requirements are enforced.
• Manages the day-to-day operations and administration of the Information Assurance team.
• Provides leadership and guidance to team members on best practices and expectations of the government customer.
• Is responsible for the overall performance of the IA shop and ensuring high quality products and services are being provided.
• Manage the System Network Access Program (SNAP) and Global Information Assurance Program (GIAP).
• A vast understanding of NIST 800 Series Special Publications, FIPS 199, FIPS 200, FISMA, CNSSI, and NIST Cybersecurity Framework (CSF).
• Assisting with Port, Protocols, and Services Management (PPSM) processes and workflows.

Qualifications/Requirements:

• 8570 IAT level III certifications required: CISSP.
• Professional CE/OS certification required: CCNA or Microsoft 365 Certified: Administering Information Protection and Compliance
• Technical degree, Associates or, bachelor’s degree in computer science/Information Systems, Science/Engineering/Math
• Bachelor’s degree preferred from an accredited university in Information Assurance, Information Security Systems, or related fields.
• At least 5 - 7 years’ experience and be able to supervise and direct the work of others and can serve as a technical team lead. Note: If individual is IAT Level III, individual must have at least 7 years of experience.
• Must have substantial understanding of eMASS and NIST RMF
• Have a working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
• Strong Troubleshooting and customer service skills
• Strong written and verbal communication skills.
• Experience with SPLUNK and ACAS is a plus.
• Knowledge of CISCO and/or PALO Alto network devices a plus.
• The employee may be expected to travel approximately 5% of the time to domestic and foreign customer locations as needed.

Clearance:

• DoD Secret or higher

SMS is a veteran-owned network integrator established in 1976.  With an employee retention rate averaging over 5 years, our ability to hire quality people and retain them in a rapidly evolving IT market proves why we are a world-class information technology company. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices. As a result, SMS is proud to be ISO 9001:2008 Registered and a CMMI Level 3 certified company, ensuring that we continue to meet and exceed the expectations of our customers, partners and employees. 

SMS is an Equal Opportunity Employer.