Information Assurance Specialist with Security Clearance

---

Job description

Paradyme Management is a rapidly growing government technology leader that puts service first, for its customers, its team and the communities it supports. Paradyme harnesses DevSecOps and Agile development processes to deliver exceptional results for digital transformations. With headquarters office in Tysons Corner, VA, Paradyme's award-winning culture sets it apart through its team's deep commitment to service and collaboration with its customers, each other and the community. Learn more at . This position will support a federal law enforcement customer located in Clarksburg, WV. Hybrid work schedule, usually 4 days/wk Remote with 1 day/wk in the Office. The IA Specialist will support O&M for our Federal customer's lifecycle security model that develops, maintains, and dispositions information systems, services, and data, and safeguards confidentiality, integrity, and availability. The candidate will coordinate with system personnel to ensure systems are operated and maintained in accordance with security policies and practices and reports all information system security incidents through the appropriate customer channels. Desired Job Skills include at least six (6) years' experience with the following:
Reviewing information systems to ensure that the management, operational, personnel, and technical controls are functioning effectively during all phases of the system lifecycle
Identifying and evaluating technical and operation security risks, threats, weaknesses, and vulnerabilities associated with information systems
Demonstrating experience in information system compliance with government standards and industry best practices (e.g. NIST, OWASP, Common Criteria, DISA and SANS Institute)
Agile development methodologies
Demonstrating experience in information security practices within the federal and/or state governments
Previous hands-on technical experience in networking, system administration or development
Encryption principles
Certifications: CompTIA Security+ or equivalent preferred Clearance: Active Top Secret (TS) is required Education: Bachelors Degree Preferred The candidate may assist in or perform the following functions: Assist ISSOs in periodically reviewing the information system to ensure the management, operational, personnel, and technical controls are functioning effectively during all phases of the system lifecycle
Assist stakeholders in assessing information systems and identifying and evaluating technical and operational security risks, threats, weaknesses, and vulnerabilities
Review and process change requests or working with change management tools to assess security impact of changes to customer systems
Collaborate with operational personnel and IA professionals to continuously improve system security posture, capturing and producing artifacts, and validating POA&M
Provide analysis via knowledge of NIST 800-53 Recommended Security Controls
Implement precautionary measures to prevent introduction and/or proliferation of malicious code and/or activities
Maintain Information System security features
Ensure annual FISMA requirements are completed on time and conduct and work with the designated personnel to complete incident response and contingency plan exercises
Conduct annual security control reviews
Troubleshoot with internal and external user community on access issues
Ensure Privileged Users (PU) complete mandatory training
Create, modify, or delete user and service accounts and sharing permissions
Implement approved security-related enhancements and/or modifications to the operations and security posture of the system or service
Ensure critical system and service security patches and/or hot fixes are kept current
Possess a workable knowledge of the SSP for the assigned system or service and creating, editing, and updating the PUGs and GUGs for the assigned system or service
Serve as the Registration Authority (RA) for a respective system
Monitor and review security logs, system logs, and audit logs via Splunk
Utilize host-based intrusion detection software to identify and validate all changes to the OS and other critical files to ensure these configurations remain in known and trusted states
Conduct Security Scan reviews for remediation and validation
Assist and participate in Annual Security Training and Exercises

<!– job description page –>