IA/Security Specialist - Mid Level

Aegis Strategies, LLC - St. Louis, MO (30+ days ago)

Aegis Strategies is an award-winning firm, one of the country’s fastest-growing and—more importantly—a consistent ‘Top Workplace’ as evaluated by our own employees. We are a values-driven organization (see the Core Values section of our web site) looking for new Uncommon Geniuses to join our growing team. If you are an engineer, architect, analyst, hacker, and/or geek who likes to solve problems, fix things, build things, tweak things, or otherwise show creative flair, you might just be an Aegisean.

Our mission is to empower systems thinkers to create elegant solutions to complex problems – to improve the systems that improve our communities. Our team members apply their natural curiosity and grit to discover elegant solutions for our clients’ most complex organizational, logistics, process, data, and technical challenges, with the overall goal of building great businesses that contribute to great communities.

Check out our Glassdoor employer reviews, here, and the specifics of this position, below:

Position Description:
Aegis is seeking an IA/Security Specialist - Mid Level who can perform the following:

Initiate A&A activities and maintain situational awareness of IS status.
Inform ISOs of A&A objectives, processes, responsibilities, dependencies, and schedules.
Assist ISOs in developing system descriptions (including system boundary).
Coordinate activities with applicable government and contractor personnel.
Document the system in NGA’s system of record.
Categorize systems IAW applicable guidance and instructions that are included in Appendixes B and C.
Provide guidance for developing each Information System’s body of evidence as detailed in CDRL 0001 (Assessment and Authorization Risk Management Framework Report).
Select appropriate security controls for Information Systems.
Identify security control overlays based on information type and NGA Information Assurance Requirements Catalog (IARC) guidance.
Classify security controls as common, system-specific, or hybrid.
Maximize use of common controls to promote efficiency.
Review and update security assessment methods.
Provide security and control implementation guidance.
Offer technical guidance throughout the IS development life cycle.
Provide risk mitigation alternatives and assist in performing cost/benefit analyses.
Meet with the Government monthly to develop a list of information systems that require authorization recommendations and agree on a delivery schedule.
Perform information system risk assessments and provide recommendations for authorization decisions.
Perform risk assessments based on identified threats, applicable vulnerabilities, and the likelihood of occurrence within the context of the agency’s risk strategy. Recommend authorization decisions IAW CDRL 0014:
Perform risk trade-off analyses to support risk acceptance decisions.
Develop risk mitigation strategies, solutions, and recommendations.
Prepare and coordinate POA&M packages with the ISOs.
Ensure BOE artifacts supporting authorization decisions are accurate and complete.

Required Skills
  • Must be a US Citizen.
  • Must have Top Secret/SCI clearance.
  • Must have DoD 8570 compliant certification(s). IAM-III - CISM, CISSP (or Associate), or GSLC.
Required Experience
Aegis is seeking an IA/Security Specialist - Mid Level who has experience in capturing information security requirements and ensuring that the requirements are integrated into IT component products and systems. Developing system concepts, contributing to the capability phase of the systems development life cycle, etc.

  • Pending award of contract
**All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin.