By Light Professional IT Services

  • Information Assurance Support Engineer

    Job Locations US-MD-Edgewood
    Posted Date 1 month ago(11/14/2018 4:33 PM)
    # of Openings
    Information Technology
  • Overview

    Supports the Joint Project Manager Information Systems (JPM IS) Software Support Activity (SSA) at Aberdeen Proving Ground (APG), MD. This position is contingent upon successful award of contract and duration is one-year base and two one-year option periods. Normal duty hours are Monday through Friday 0900 to 1500 daily. Primary responsibilities include performing cybersecurity compliance and policy requirements.   


    By Light provides a broad range of hardware, software, engineering, and IT integration services. Headquartered in Arlington, VA, we support defense, civilian, commercial, and health IT customers worldwide. We offer an excellent benefits package that includes: medical, dental, vision, life and disability insurance, paid time off, paid holidays, 401(k), and profit sharing.


    • Examine JPEO-CBRND programs and system characteristics to determine whether compliance with Department of Defense Instruction (DODI) 8500.01 is recommended or required and will develop an acquisition Cybersecurity Strategy when required.
    • Ensure that each JPEO-CBRND program, when required, has a Cybersecurity Strategy that is consistent with DOD policies, standards, and architectures, to include relevant standards.
    • Assist in the identification of Critical Program Information (CPI) in terms of their importance to the program being developed.
    • Assist in the identification of foreign collection threats to the program, identify elements that require classification, and determine the phases at which such classification should occur and the duration of such controls.
    • Provide support for Development Test (DT), User Demonstration (UD), User Feedback Event (UFE), Operational Assessment (OA), and Operational Test (OT) events and address each CPI as well as other relevant information requiring protection, including export-controlled information and sensitive buy unclassified information.
    • Manage the Host-Based Security System (HBSS) and install, configure, and maintain computer and network security software, including instances of the Assured Compliance Assessment Solution (ACAS), the Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) Viewer, and other cybersecurity software test and scanning software applications.
    • Document programs’ overall cybersecurity approach and requirements, including determining the appropriate Certification and Accreditation (C&A) process, contributing content for Life Cycle Management Plans (LCMPs), assisting programs in the creation of a Security Classification Guide (SCG), and assisting in the development of Program Protection Plans (PPPs) Appendix E, the Cybersecurity Strategy.
    • Manage information-related risks in enterprise architectures, acquisition strategies, and testing and evaluation, and work to achieve cybersecurity C&A.
    • Ensure fielded information systems and networks are defended to maintain confidentiality, integrity, availability, authentication, and non-repudiation by identifying, developing, and applying risk management framework technical-, operational-, and management-related security controls and protection mechanisms.
    • Guide JPEO-CBRND programs in the development of Acquisition Cybersecurity Strategy.
    • Assist in the identification of Critical Technology and address CPI as well as other relevant information requiring protection, including export-controlled information and sensitive but unclassified information.
    • Interface with JPM customers, representing SSA in discussions concerning cybersecurity, including (but not limited to) topics which address use of the DISA STIG in the software application and system development process, use of the DISA Enterprise Mission Assurance Support Service (eMASS) tool to document program progress during the C&A process, and the Risk Management Framework and its critical alignment with a program's System Development Life Cycle (or Software Development Life Cycle, as appropriate.)
    • Leverage SSA services while working in conjunction with JPMs across the JPEO-CBRND to facilitate risk management framework activities.

    Required Experience/Qualifications

    • Have or be able to obtain the appropriate Risk Management Framework (RMF) Training within the first six months of employment.  
    • Have an active security-related certification (Certified Authorization Professional (CAP), Certified Information Systems Security Professional (CISSP), or Security+) or will obtain the certification within the first year of employment.
    • Complete the International Information Systems Security Certification Consortium (ISC) 2 TM Certified Authorization Professional (CAP) Certification Prep Self Study (11 hours) during on-boarding.
    • Possess seven (7) years of experience providing information technology support services, including information assurance.
    • Possess organizational skills.
    • Possess senior level interpersonal and communication skills, both oral and written.
    • Proficiency with the Microsoft Office Suite.

    Preferred Experience/Qualifications

    • Familiarity with Joint Program Executive Office for Chemical, Biological, Radiological and Nuclear Defense (JPEO-CBRND) programs is desired.

    Special Requirements/Security Clearance

    • Clearance: Secret
    • May be required to travel up to 20% Continental United States (CONUS) and less than 10% Outside Continental United States (OCONUS).

    An Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed