More jobs:
Information Assurance/Security Specialist
Job in
Bethesda, Montgomery County, Maryland, 20811, USA
Listed on 2026-07-11
Listing for:
Vinstuen Femmeren jazzværtshus
Full Time
position Listed on 2026-07-11
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Network Security
Job Description & How to Apply Below
Overview
Diverse Systems Group, LLC is seeking an Information Assurance Specialist to support Walter Reed National Military Medical Center (WRNMMC)’s system security authorization processes in compliance with the Department of Defense (DOD) and Defense Health Agency (DHA)’s NIST RMF related policies and requirements.
DescriptionDiverse Systems Group, LLC is seeking an Information Assurance Specialist to support Walter Reed National Military Medical Center (WRNMMC)’s system security authorization processes in compliance with the Department of Defense (DOD) and Defense Health Agency (DHA)’s NIST RMF related policies and requirements.
Job Summary- Lead and perform Defense Health Agency (DHA)-specific Risk Management Framework (RMF)-related tasks throughout all stages of a system’s lifecycle to include:
- stakeholder engagement and development of A&A or Threat Management Team project plans
- preparation and maintenance of FIPS-199 system security categorization,
- preparation and maintenance of FIPS-200 system security controls exceptions,
- performance of risk assessments,
- analysis of risk remediation and mitigation options and strategies,
- development, review, and submission of Assessment & Authorization (A&A) system security packages,
- selection and documentation of applicable NIST 800-53 rev. 4 security controls in systems’ Security Controls Traceability Matrices (SCTM),
- collection, development, and analysis of NIST 800-53 rev 4-related security controls artifacts,
- participation in and organizational oversight of Independent Verification & Validation (IV&V) activities,
- development of and status tracking for Plans of Action & Milestones (POA&M),
- performance of Continuous Diagnostics and Monitoring (CDM)-related activities, and
- status tracking and reporting to leadership and organizational stakeholders.
- Supports the year-round work of maintaining security posture to meet DoD RMF requirements.
- Manage system security packages in DOD Enterprise Mission Assurance Support System (eMASS) throughout system authorization cycles, to include:
- system registration
- uploading and maintenance of system security packages,
- Plans of Action & Milestones (POA&M) entry and tracking, and
- system decommissioning.
- Conduct and technology assessments, reviews, and technical inspections to identify and mitigate potential security weaknesses and to ensure all applicable security features and functionality are implemented and function as intended and required.
- Work in partnership with System and Network Administrators to perform self-assessment and hardening of workstations, servers, network devices, and clinical devices to include application of Secure Technical Implementation Guidelines (STIG) and running hardening and security artifact collection scripts and Security Content Automation Protocol (SCAP) and Assured Compliance Assessment Solution (ACAS) scans.
- Develop and maintain cybersecurity-related training materials and delivery of training for users and System Administrators (SA).
- Possess and maintain comprehensive understanding of federal security regulatory requirements and security frameworks including DoD/DHA IT Security and IA policies, RMF, NIST SP 800-series, FISMA, FIPS, FedRAMP, policies, directives, and publications etc.
- Proactively maintain awareness and understanding of current and emerging threats and vulnerabilities and their potential impact on organizational mission accomplishment, patient safety, and security of patient data.
- Apply security patches, IAVAs, STIGS, and updates for all assigned systems
- Provide support for the escalation and communication of status to agency management and internal customers and clearly communicate technical information to both technical and non-technical personnel
- Implement and manage disaster recovery and COOP plans, systems, and operations.
- Works collaboratively with team to ensure the following;
Maintenance of baseline system security according to organizational policies, cyber threats and vulnerabilities are mitigated, and information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, and encryption) are adhered to. - Provide configuration management and accurately…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×