IA Policy and Compliance Certified Professional - Intermediate

Asia-Pacific (APAC) Pyeongtaek, Korea (the Republic of)


Description

Position Title:

IA Policy and Compliance Certified Professional - Intermediate

Location:

Pyeongtaek, South Korea

Status:

Full-Time- Regular

FLSA Category:

Exempt

 

We have an immediate opening for an IA Policy and Compliance Certified Professional - Intermediate to join our rapidly growing team. The position requires an understanding of security related system controls and an understanding of the various Government security policies including NIST SP 800-53A and DoD 8570. Under general direction, performs and leads support of Certification and Accreditation (C&A) or other IA/CND Compliance and Auditing processes and inspections for all enterprise systems and networks; ensures validity and accuracy review of all associated documentation.  Leads and performs compliance reviews of computer security plans, performs risk assessments, and validates and performs security test evaluations and audits.  Analyzes and defines security requirements for information protection for enterprise systems and networks.  Assists in the development of security policies.  Analyzes the sensitivity of information and performs vulnerability and risk assessments based on defined sensitivity and information flow.  Professionally certified as Technical Level II as defined by DODI 8570 is a requirement.

 

Essential Responsibilities:

  • Provide vulnerability assessment support, to include risk analysis of vulnerabilities, threats, and the impact of losing systems' capabilities on the mission objective; recommend decisions to implement security countermeasures or mitigate risk; implement approved countermeasures; and perform periodic reviews
  • Utilize DOD applications and tools, such as Enterprise Mission Assurance Support Service (eMASS), to record such RMF activities as control implementation of all applicable Security Controls, as identified via information system security categorization IAW NIST SP 800-53 and CNSSI 1253. Security controls are broken down into individual, measurable, statements called “assessment procedures” or “Control Correlation Indicators” IAW DoDI 8510.01.
  • Support the Government Capability Manager/Information System Owner (ISO) in ensuring that the information systems are configured IAW DISA STIGs, applicable patches, and other cybersecurity requirements.
  • Collect required artifacts for review and provide recommendations for Assess Only Packet or Certificate of Networthiness (CoN) requests for all installation activities.
  • Monitor and report Approval to Connect (ATC) and Authority to Operate (ATO) expiration dates quarterly, ensuring authorization milestones meet all DOD published regulations and policies to avoid disconnection
  • Operate and maintain a Defense in Depth for the network and/or enclaves within the network IAW all DOD published regulations and policies.
  • Other duties as assigned

 

Minimum Qualifications:

  • Must have at least five to seven (5-7) years in Computer Network Defense (CND), five to seven (5-7) years of experience in Information Assurance (IA) and Cybersecurity.

Abilities:

  • Ability to organize, prioritize and meet deadlines
  • Capable of conveying complex information in a simplistic manner
  • Strong critical thinking and problem-solving skills
  • Strong self-starter requiring minimal supervision
  • Able to take proactive measures to prevent problems rather than reactive by nature
  • Strong verbal and written communication to effectively express concepts, plans, and proposals
  • Must be a U.S. Citizen

 

Education and Certifications:

  • Degree in computer science, information technology, or another related field.
  • Must possess the following at time of appointment:
    1. Completed SSBI
    2. A minimum of one (1) IAT Level-III (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, or GCIH).

Security Clearance:

  • A minimum of an active Secret Clearance required - T3/NACLC

 

Compensation:

  • Compensation is competitive and is commensurate with experience.
  • All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or national origin.
  • Tribalco is an equal opportunity employer.

 

About Our Company:

Tribalco is a global systems integrator providing mission-critical information technology, telecommunications, and soldier survival solutions to government and commercial customers worldwide. For over 15 years, Tribalco has been providing defense, civilian government, and international customers with advanced engineering, installation, and O&M solutions in the world's most challenging and secure environments.

 

Founded in 2004, Tribalco is a CMMI® for Services Maturity Level 3 appraised and ISO 9001:2015 certified enterprise. As a named NSA Commercial Solutions for Classified Trusted Integrator, Tribalco develops, integrates, and deploys multi-layered NSA-compliant COTS-based solutions that enable customers to securely create, share, and protect their classified data. With headquarters in Maryland, regional offices in Florida, California, South Korea, and Germany and supporting satellite locations in Hawaii, Japan, Marshall Islands, Afghanistan, and Kuwait, Tribalco competes internationally and performs with agility across the globe in dozens of countries. For additional information, please visit www.tribalco.com.