Information Assurance Specialist - III; Information Security Analyst

Information Assurance Specialist - III (Information Security Analyst)

Indianapolis, Indiana, United States

Barbaricum is a rapidly growing government contractor providing leading-edge support to federal customers, with a particular focus on Defense and National Security mission sets. We leverage more than 17 years of support to stakeholders across the federal government, with established and growing capabilities across Intelligence, Analytics, Engineering, Mission Support, and Communications disciplines. Founded in 2008, our mission is to transform the way our customers approach constantly changing and complex problem sets by bringing to bear the latest in technology and the highest caliber of talent.

Headquartered in Washington, DC's historic Dupont Circle neighborhood, Barbaricum also has a corporate presence in Tampa, FL, Bedford, IN, and Dayton, OH, with team members across the United States and around the world. As a leader in our space, we partner with firms in the private sector, academic institutions, and industry associations with a goal of continually building our expertise and capabilities for the benefit of our employees and the customers we support.

Through all of this, we have built a vibrant corporate culture diverse in expertise and perspectives with a focus on collaboration and innovation. Our teams are at the frontier of the Nation's most complex and rewarding challenges. Join our team.

Barbaricum is seeking an experienced Information Assurance Specialist III (Information Security Analyst) to support cybersecurity compliance, risk management, and authorization activities for Department of Defense (DoD) systems. The selected candidate will assess security controls, support Security Assessment and Authorization (SA&A) efforts, and develop accreditation documentation to ensure compliance with federal and DoD cybersecurity requirements.

The Information Assurance Specialist will work closely with system owners, engineers, and cybersecurity teams to evaluate system security, support continuous monitoring activities, and maintain compliance with the Risk Management Framework (RMF), NIST standards, and applicable government regulations.

• Assess, implement, and validate cybersecurity controls in accordance with NIST SP 800-53, the NIST Cybersecurity Framework, and applicable DoD cybersecurity requirements.
• Support the Security Assessment and Authorization (SA&A) process by evaluating security controls, identifying risks, and recommending mitigation strategies.
• Develop, review, and maintain Assessment and Authorization (A&A) documentation packages to support system accreditation and authorization efforts.
• Conduct security assessments, vulnerability analyses, and compliance reviews to ensure systems meet federal and DoD cybersecurity standards.
• Collaborate with system owners, engineers, and cybersecurity teams to implement security controls and maintain a strong security posture across enterprise environments.
• Support continuous monitoring activities, including risk assessments, control validation, remediation tracking, and reporting.
• Provide cybersecurity guidance and recommendations related to information assurance, risk management, and regulatory compliance.
• Prepare technical reports, security documentation, and executive briefings to support authorization decisions and stakeholder requirements.
• Ensure compliance with Risk Management Framework (RMF), DoD policies, and applicable government cybersecurity regulations.
• Serve as a subject matter expert on information assurance, cybersecurity controls, accreditation processes, and security compliance initiatives.

• Bachelor's degree in related field.
• Minimum 10 years of experience in network operations and information security.
• Demonstrated experience assessing security controls based on cybersecurity principles and tenets (e.g., NIST SP 800-53, Cybersecurity Framework, etc.).
• In-depth understanding of relevance of NIST Security Controls and Control Implementation methodologies to the SA&SA process.
• Relevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands‑on researching, writing, and submitting complete A&A documentation packages for new system authorizations.

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.