Position Title:� Information Assurance Engineer II� Location:� Transformation and Training Command (T2COM) Austin, Texas� Status:� Full-Time� FLSA Category:� Exempt� Tribalco is actively seeking an experienced and highly motivated Information Assurance Engineer to join our team in Austin, TX, supporting the US Army Transformation and Training Command (T2COM). Performs under general direction, uses current information security technology disciplines and practices to ensure the confidentiality, integrity, and availability of Government information assets IAW established standards and procedures. Develops and maintains a knowledge base on changing regulatory, threat, and technology landscapes to continually develop or maintain security policies and standards, and ensures compliance throughout the organization. Provides RMF, circuit/system accreditation, and certification policy services. Participate in the development or modification of the computer environment, IA security program plans, and requirements. Develop procedures to ensure system users are aware of their IA responsibilities before granting access to DoD information systems. Recognize a possible security violation and take appropriate action to report the incident, as required. Ensure that IA requirements are integrated into the COOP for that system or DoD Component. Ensure that IA security requirements are appropriately identified in computer environment operation procedures. Collect and maintain data needed to meet system IA reporting requirements. Focuses on maintaining, retrieving, and analyzing system IA logs and reporting findings.� � � Key ResponsibilitiesTo perform this job successfully, an individual must satisfactorily perform each essential duty.� � The requirements listed below are representative of the knowledge, skill, and ability required:�
Work with system owners to close IAVMs/ICVMs and open Plan of Action and Milestones (POA&Ms) in a rapid fashion, in accordance with DoD instructions/directives. Review all POA&MS with the Program Manager on at least a quarterly basis and update the POA&Ms accordingly
Account Management of clients/users/customers with a 4-star command
Create SOPs and verify user training to approve their SAAR as an ISSO
Provide Defense in Depth principles and technology in security engineering designs and implementation
Analyze existing and future systems, reviewing security architectures, and developing engineering solutions that integrate information security requirements to proactively manage information protection
Apply security risk assessment methodology to system development, including assessing and auditing network penetration testing, antivirus deployment, and risk analysis
Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis
Plan, implement, and manage a Defense In Depth for the total network and/or enclaves within the network to include such items as: scanning, remediation, host and network intrusion detection/prevention, firewalls, proxy servers, web cache, virus programs, vulnerability scanning, content filtering, remote dial in protection, Host Based Security Services, Directory Services, and Certification and Accreditation, DoD Instruction 5200.40, accreditation guidance and advice IAW AR 25-2 and IA Best Business Practices (BBPs). Plan, respond, investigate, and report on undisclosed classified incident remediation
Assess and mitigate system security threats/risks throughout the program life cycle
Validate system security requirements definition, analysis, and review/approve System Security Plans for enterprise-wide architectures
Maintain Agency public key infrastructure system. Implement security designs in hardware, software, data, and procedures
Provide support for the Department of Defense (DoD) Public Key Infrastructure (PKI) service
Responsible for requesting, receiving, installing, and maintaining accountability of system (server) PKI certificates and providing technical support for PKI
Provide communications security (COMSEC) rekeying support within normal business hours or on-call, as required. Prepare and maintain secure communications devices and crypto keys. Provide Certification and Accreditation, as well as provide Automated Information System Accreditation support
Provide Security Risk Assessments
Perform risk analysis of resources, controls, vulnerabilities, impact of losing systems’ capabilities, and threats to the mission objective; provide analysis to facilitate decisions to implement security countermeasures or mitigate risk; implement countermeasures; periodically review the program
Identify potential threats and review evaluations for compliance and noncompliance.
Desired Skills
Ability to organize, prioritize, and meet deadlines
Capable of conveying complex information in a simplistic manner
Strong critical thinking and problem-solving skills
Strong self-starter requiring minimal supervision
Able to take proactive measures to prevent problems rather than being reactive by nature
Strong verbal and written communication to effectively express concepts, plans, and proposals
Must be a U.S. Citizen
Required Qualifications
Bachelor’s degree in computer science, Cybersecurity, Computer Engineering, or related discipline
Comparable experience in lieu of a degree may be considered
3+ years of experience performing Information Assurance functions and using RMF IT security controls and policies
Must possess and maintain an IT-I level certification IAW AR 25-2 and an IAT-II (Security +) or higher
Must possess and maintain Computing Environment Certifications
Clearance�
This position requires an active SECRET clearance
Compensation
Compensation will be hourly and is commensurate with experience.�
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin.�
Tribalco is an equal opportunity employer.�
About Our Company: � Tribalco is a global systems integrator providing C5ISR and tactical survival, rescue, and safety systems to military, federal civilian, and commercial customers around the world. Since 2004, Tribalco has delivered and supported innovative technologies that protect our nation from evolving cyber threats and improve the safety and survivability of our armed forces and critical infrastructure.Tribalco is a CMMI® Level 3 appraised organization and ISO 9001:2015 certified enterprise. As a named NSA CSfC Trusted Integrator, Tribalco is at the forefront of technology advancement in engineering and deploying NSA compliant solutions that enable customers to securely access and share classified data across commercial networks, often in extremely challenging environments.
Tribalco is headquartered in Maryland and maintains offices, warehouse operations, and points of presence in Florida, Nevada, South Korea, Germany, the Middle East, and Africa. For additional information, please visit tribalco.com.