Information Assurance Compliance Specialist II

Job Title: Information Assurance Compliance Specialist II

Job Description:

We are seeking a dedicated Information Assurance Compliance Specialist II to join our team. This role will involve acting as an Information Systems Security Officer and will be responsible for ensuring compliance with information security policies and regulations. The ideal candidate will have a strong background in information assurance and risk management.

Key Responsibilities:

• Assist with the configuration management for information system security software, hardware, and firmware.
• Responsible for maintaining and monitoring implementation of all Information Security policies, standards, and guidelines, evaluate proposed changes to a system to ensure the change does not impact the system's security.
• Create or assist in various T&E documents, Test Plans, Test Reports, Test Readiness Reviews, Test Incident Reports, Document Number Requests, etc.
• Support various T&E events under various roles.
• Currently leading Laptop Performance Specification testing: Created Test Plan, created TRR, test lead, will create test report, etc.
• Create Test Configuration Files (TCFs) for Threat Load (TL) releases, as well as the supporting documents for them, Version Description Documents (VDD).
• Support development events when needed.
• Provide all releasable artifacts to ISSE team for MFEW/GBAD laptop images; TLs, TCFs, VDDs, system manuals, etc.
• Quarterly Laptop Image Independent Verification and Validation (IV&V) testing. (falls under T&E support and work)
• New Master Test Plan for this work currently under edits and review.
• Maintain test equipment and setup in Lab 40 specific to this test.
• Conduct quarterly Laptop Image IV&Vs.
• Create/complete documents related to this event; TRR, TIR, and TR.
• Provide Media Transfer Authority (MTA) to all areas.
• Analyze organization's cyber defense policies, configurations, evaluate compliance with regulations, and organizational directives, monitor/maintain the Plan of Action & Milestones and provide recommended remediation strategies.

Skills:

• Strong understanding of information assurance principles and practices.
• Experience with Risk Management Framework (RMF) processes.
• Proficiency in preparing and reviewing security documentation.
• Knowledge of cyber defense policies and compliance regulations.
• Ability to analyze and evaluate security configurations and compliance.
• Excellent communication and collaboration skills.

About TRISTAR

TRISTAR is a professional services company supporting U.S. Department of Defense programs. Our core competencies include Electronic Warfare, Enterprise Management, Full Spectrum Cybersecurity, Information Technology, Digital Transformation, Software Engineering and Development, Maritime Modernization and Engineering, and Technical Solutions. Founded in March 1995, TRISTAR has built an employee-focused collaborative environment enabling our team of professionals to create and deliver customized solutions to meet mission critical challenges.

TRISTAR provides Equal Employment Opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

• Excellent verbal and written communication skills
• Conduct and evaluate scans
• strong cybersecurity background
• Experience with Linux, CISCO, MS networking and OS's

Education:

• Degree Minimum requirements: College degree in a technical or managerial related discipline
• Preferred: B.S. or M.S in Computer Science, Computer Engineering, or related technical field
• Certifications requirement: CompTIA Security+
• Experience: 6+ Years of practical experience in a Cybersecurity, Engineering, T&E or A&A (formerly C&A) related field