Mid Level Information Assurance and Vulnerability Management Specialist

Mid Level Information Assurance and Vulnerability Management Specialist

Why This is an Exciting Role:

As an Information Assurance and Vulnerability Management Specialist, you will:

• Communicate and collaborate with key stakeholders across the enterprise regarding cybersecurity related matters.
• Define and maintain policies, procedures, control objectives and publish implementation guidance.
• Define policy compliance measures and consult on regulatory compliance.
• Define and perform vulnerability assessments leveraging threat analysis, known vulnerabilities, and business value to scope and prioritize efforts.
• Identify the operational environment, the threat against it, the potential impact to it and the most likely courses of adversarial action upon it.
• Define and manage cybersecurity risk management processes.
• Perform due diligence for mergers and acquisitions, ensuring cybersecurity risks are escalated to the appropriate management level for action.
• Act as the primary cybersecurity interface to non-fully integrated subsidiaries, enabling technical interchange and consistent business priorities for Information Security efforts.
• Provide supply chain cybersecurity risk management requirements and collaborate with procurement agents and other Supply Chain functional representatives to implement supply chain cybersecurity.
• Performs vulnerability assessments and audits supporting information system and lab security and DoD compliance.
• Facilitate a comprehensive vulnerability management program aligned to program goals and objectives.
• Performs Cybersecurity vulnerability scans and document results on a variety of systems, identify vulnerabilities, utilizing designated vulnerability management tool sets.
• Perform, review and audit Security Technical Implementation Guides (STIGs) utilizing designated tools to ensure compliance.
• Support the development and maintenance of cyber scanning, patching, and remediation, tools and applications.
• Performs periodic and on-demand system audits and vulnerability assessments.
• Perform technical threat/risk and vulnerability assessments and manage vulnerabilities throughout the engineering and information system lifecycle.
• Support the engineering analysis of patches and various system updates and upgrades to determine system consequence of these changes.
• Support and facilitate various ATO packages including processing IAVMs and CTOs for the same.
• Develop and maintain effective, accurate, and timely reporting and metrics.
• Provide technical guidance within a defined organizational team.
• Evaluate and recommend vulnerability management tools and technologies, ensuring the optimal balance of effectiveness and efficiency.

What Makes BI&A Different:

As a fully owned subsidiary of The Boeing Company, BI&A offers an optimal mix of a small company environment with exception

al opportunities supported by a large corporation.

Every day, Boeing Intelligence & Analytics supports global missions by building and delivering intelligence, analytics, and cyber solutions that enable users to advance national security. From hardware and software engineering solutions to analytics that keep this nation safe, we create value that meets users’ needs. With vibrant partnerships and innovative approaches, we serve the Intelligence Community through innovation and vision. We have provided our customers with the tools needed to counter evolve global and cyber threats, and to improve wartime decision-making.

• Our talented employees bring software development, systems engineering, and advanced analytics expertise.
  
  
• We offer numerous prime contract opportunities with customers headquartered in Maryland, Virginia, and the District of Columbia, as well as subcontract opportunities that align with our areas of focus and additional opportunities nationwide through our parent company.
  
  
• We have current open positions on awarded programs across diverse customer sets and are anticipating upcoming contract awards with a 5-year life cycle and an additional 5 option years.
  
  
• Our diverse portfolio allows our employees to move to other projects and teams as they gain further proficiency in their current skill set and learn new skill sets along the way.
  
  
• We offer hands-on access to cutting-edge technologies and a culture of technical excellence. 

Experience and Qualifications:

To be eligible for this demanding position, the ideal candidate should demonstrate the following experience and qualifications:  

Required Education and Years of Experience:

• Education/experience typically acquired through advanced technical education (e.g. Bachelor) and typically 5 or more years related work experience or an equivalent combination of technical education and experience (e.g. PhD, Master+3 years related work experience, 9 years related work experience, etc.).

Required Qualifications: ​

• Secret clearance-US prestart
• Cybersecurity IAT/IAM Level II Certificate or higher IAT/IAM level.

Desired Qualifications:

• Experience with Nessus, ACAS, SCAP, and STIGViewer.
• Experience using the Enterprise Mission Assurance Support Service to track POAMs.
• Various cyber related compliance standards: TEMPEST, DFARS Clause 252.204-7012, COMSEC, CNSSI 1253, DOD 8570, NIST 800-160, NIST 800-53 (and 53A), NIST 800-30, NIST 800-171, NIST 800-55, NIST 800-137, NIST 800-39.)
• Excellent team player with strong written and oral communication skills
• Confident in a fast-paced environment with competing priorities, and able to multi-task and manage expectations.

Telework Availability: None

This position requires the ability to obtain a US Security Clearance for which the US Government requires US Citizenship as a condition of employment. ( An interim and/or final U.S. Secret Clearance Pre-Start is required.)

This position requires clearing a background check and an enhanced Personal Conflict of Interest (PCI) requirements as a condition for employment.

Summary Pay Range:

Please note that the information shown below is a general guideline only. Pay is based upon candidate experience and qualifications, as well as market and business considerations.

$87,200 - $130,800