Information Assurance Security Professional
|Work Schedule:||Full Time|
|Salary:||$51,630 – $115,742
|Location:||Washington, DC metropolitan area|
Information Assurance professionals: Do you have experience as an Information Assurance (IA) security professional in industry or government? Would you like to participate in the development and deployment of mission-critical systems in support of the Agency's cyber defense mission? If so, we may be looking for you. We are seeking individuals to provide IA technical development and security guidance to customers within our organization.
We are the Agency's Information Assurance professional organization. Our mission is the protection of Agency data and systems through risk analysis, enterprise security solutions, and continual enhancement of our protection profiles. As a member of our organization, you will have the opportunity to conduct all aspects of Information Assurance of Agency systems to include:
- Provide Defense in Depth principles and technology in security engineering designs and implementation
- Analyze existing and future systems, reviewing security architectures, and developing engineering solutions that integrate information security requirements to proactively manage information protection
- Apply security risk assessment methodology to system development, including assessing and auditing network penetration testing, antivirus deployment, risk analysis
- Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis
- Engineer and deploy network defense countermeasures such as anti-virus, anti-spam, and intrusion detection and prevention system solutions
- Analyze IA security events, including threat model development and resulting security risk analysis of systems
- Review and assess information security events and logs via sophisticated security information/event manager
- Assess and mitigate system security threats/risks throughout the program life cycle
- Validate system security requirements definition and analysis and review/approve System Security Plans for enterprise-wide architectures
- Maintain Agency public key infrastructure system Implement security designs in hardware, software, data and procedures
- Perform vulnerability assessments and penetration testing
- Conduct certification and accreditation planning and testing
- Conduct technical policy guidance and consultation to component Agency system.
Minimum qualifications: Candidates should have a bachelor's degree from an accredited college or university with a curriculum in information assurance, computer science, mathematics, computer engineering or other technical field, or the equivalent verifiable work experience. Candidates should also possess:
- One (1) year of associated in-depth IA class work or relevant IA work experience.
- Excellent oral and written communications skills
- Strong commitment to continuous learning
- Ability to work in a team environment and the ability to listen well and work with others.
- A track record of progressively responsible information assurance experience in one or more of the following information security areas: ICD 503 (DCID 6/3) certification and accreditation, IA system evaluations, system security penetration testing, and IA security operations/network monitoring, Intrusion Detection Systems, Intrusion Prevention Systems, Security Information Management/Security Event Management, network mapping, vulnerability scanners, firewalls, routers and other security tools
- Working knowledge of public key infrastructure and encryption systems
- Experience working on an information security incident response team
- Certified Information Systems Security Professional (CISSP).
All applicants must successfully complete a thorough medical and psychological exam, a polygraph interview and an extensive background investigation. US citizenship is required.
To be considered suitable for Agency employment, applicants must generally not have used illegal drugs within the last twelve months. The issue of illegal drug use prior to twelve months ago is carefully evaluated during the medical and security processing.
Important Notice: Friends, family, individuals, or organizations may be interested to learn that you are an applicant for or an employee of the CIA. Their interest, however, may not be benign or in your best interest. You cannot control whom they would tell. We therefore ask you to exercise discretion and good judgment in disclosing your interest in a position with the Agency. You will receive further guidance on this topic as you proceed through your CIA employment processing.
Make a note of the position(s) that interest you, as you can apply for up to four positions in one application. DO NOT submit multiple applications; this will only slow the review of your application, and delay processing. Please read the Application Instructions carefully before you begin the online application process.
An equal opportunity employer and a drug-free work force.