Information Assurance Compliance Specialist II

Job in Philadelphia, Philadelphia County, Pennsylvania, 19117, USA
Listing for: Na Oiwi Kane
Full Time position
Listed on 2026-06-09
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 90000 - 100000 USD Yearly
Job Description & How to Apply Below
Overview

Information Assurance Compliance Specialist II

Location: Philadelphia, PA

Salary Range: $90,000 to $100,000 per year

Kiakahi LLC is looking for an experienced Information Assurance Compliance Specialist II to join its team.

Assess & Authorize (A&A) and Assess Only (AO) Support:
• Collect and collate system or site information and evaluate/document in eMASS the security posture of systems being assessed, authorized, and maintained
• Develop, submit, and maintain RMF packages in accordance with DoD Instruction 8510.01, NAVSEA business rules, DON RMF process guides, and NAVSEA SOPs
• Develop RMF package documentation including AO determination request packages, system PIT determinations, categorization forms, HW/SW lists, authorization boundary diagrams, defense in depth diagrams, PPSM lists, PIAs, security plans, POA&Ms, SAPs, STIGs, SARs, RARs, and security authorization packages
• Develop or revise policies, plans, and strategy documents to meet RMF control family requirements including incident response plans, contingency plans, IAVM plans, configuration management plans, and physical security plans

Risk and Vulnerability Assessment:
• Conduct risk and vulnerability assessments of planned and installed systems to identify vulnerabilities, risks, and protection needs
• Conduct systems security evaluations, audits, and reviews
• Determine residual risk of packages based on content and assessment results for Security Controls Assessor (SCA) review

Security Assessment and Testing:
• Execute Security Assessment Plans (SAPs) by conducting on-site testing for afloat and PIT ashore systems
• Execute STIGs, SRGs, ACAS scanning, and apply patches to obtain cybersecurity compliance and remediate vulnerabilities
• Develop and maintain POA&Ms in eMASS for all IA-related tasks and deliverables

Monitoring and Analysis:
• Perform analysis of logs, events, and reporting of data collection tools including ACAS, HBSS, web content filters, SIEM, firewall systems, network devices, server devices, workstations, and IDS/IPS
• Assess impacts from observed risks and report via the cybersecurity program chain of command
• Conduct systems security reviews, audits, or evaluations to ensure accreditation documents are accurate

RMF Continuous Monitoring Support:
• Develop and update all required eMASS documents including POA&Ms, RARs, and DISA STIGs at specified frequencies
• Determine system compliance with all applicable controls and assessment procedures for DON systems
• Ensure RMF artifacts comply with Navy/NAVSEA business rules, NIST SP-800-37, and SP-800-53 Rev 4

Additional Duties:
• Perform evaluation of system administrator, security engineer, and system owner proposed corrections to ensure compliance
• Present and submit data to management, develop reports, and produce procedural documentation
• Manage, attend, and support Configuration Control Board practices
• Track deliverables and action items in accordance with A&A guidance
• Support cybersecurity technical writing as required

Tools and Systems
Proficiency required in:
• Enterprise Mission Assurance Support Service (eMASS) - both unclassified and classified
• Assured Compliance Assessment Solution (ACAS)
• DISA STIG Viewer / eMASSTer
• Security Content Automation Protocol (SCAP) tools
• Microsoft Visio
• Vulnerability Remediation Asset Manager (VRAM)
• Host Based Security Systems (HBSS)
• Security Information and Event Management (SIEM) tools

Applicable Standards and References
• DoD Instruction 8510.01 (Risk Management Framework for DoD IT)
• DON RMF Process Guide
• NAVSEA Business Rules
• NIST SP 800-37 and SP 800-53 Rev 4
• DoD 8570.01-M (Information Assurance Workforce Improvement Program)
• NAVSEAINST 9400.2A

Requirements

Education:

Bachelor's degree in Computer Science, Information Technology, or a related technical degree from an accredited college or university.

Experience:
Minimum: Three (3) years of professional experience in information assurance compliance
Target: Four (4) years of professional experience in information assurance compliance

Certifications:

IAM Level 2 certification required. Acceptable certifications include one of the following:
CAP (Certified Authorization Professional)
CASP+ CE
CISM (Certified Information Security Manager)
CISSP or CISSP Associate
GSLC (GIAC Security Leadership Certification)
CCISO
HCISPP

Operating System/Computing Environment (OS/CE) qualification as directed by Privileged Access Agreement and DFARS requirements
Continuing Professional Education (CPE) as required by certification

Security Clearance
Active Secret security clearance

Physical Requirements
Work may involve sitting or standing for extended periods of time. Position may require typing and reading from a computer screen. Must have sufficient mobility, including but not limited to bending, reaching, and kneeling to complete daily duties in a timely and efficient manner. May include lifting weight up to thirty (30) pounds as necessary.

Benefits
Medical, dental, vision, disability, and life insurance
Flexible…