![](https://static.wixstatic.com/media/e50773_29f0385b2bd3457eb5cba45719491b03~mv2_d_5800_3990_s_4_2.jpg/v1/fill/w_1920,h_1321,al_c,q_90,usm_0.66_1.00_0.01,enc_avif,quality_auto/e50773_29f0385b2bd3457eb5cba45719491b03~mv2_d_5800_3990_s_4_2.jpg)
![](https://static.wixstatic.com/media/e50773_9e8989cd11a24b4393aedc9c48a5e155~mv2.jpg/v1/fill/w_980,h_649,al_c,q_85,usm_0.66_1.00_0.01,enc_avif,quality_auto/e50773_9e8989cd11a24b4393aedc9c48a5e155~mv2.jpg)
Information Assurance-Security Engineer Level 3 114-008
![SysEng.png](https://static.wixstatic.com/media/e50773_4f0eda4c63bc4134b81b54b4c6eab865~mv2.png/v1/fill/w_541,h_302,al_c,q_85,usm_0.66_1.00_0.01,enc_avif,quality_auto/SysEng.png)
See a complete list of our open positions
Apply at the Bottom of the Page
IC-CAP LLC is a Woman Owned / HUBZone Small Business working in the Department of Defense and Intelligence Community. We are always looking for highly talented, energetic, and dynamic professionals that are interested in protecting the defense of our nation.
Some of the positions are future positions. Please look at the opening line of the job description to determine if this is an open or future position.
Our positions are not remote unless stated in the job description below.
We are looking to fill this position at the following location(s):
- Herndon, VA
Job Description
Information Assurance-Security Engineer Level 3:
As a Information Assurance-Security Engineer on the TALOS program, you will be expected to:
Design and implement safety measures and controls. Monitor network activity to identify vulnerable points. Address privacy breaches and malware threats.
Support the Assessment and Authorization (A&A) processes and Information Assurance documentation for multiple analytic and mission systems across all CLINs
Generate and maintain the complete security Body of Evidence (BoE) while leading the A&A activities according to the Risk Management Framework (RMF) processes (ICD 503, CNSSI-1253, NIST 800-37, NIST 800-53, etc.) for all multiple information systems
Author, complete and maintain the System Security Plan (SSP) within XACTA
Develop the Security Controls Traceability Matrices (SCTM), and the Security Test Plan (STP) procedures within Xacta.
Analyze existing security systems and make recommendations for changes or improvements Monitor the network and provide early warning of abnormalities or problems RMF, Xacta experience.
Experience working with software developers and architects to understand security requirements
Experience guiding the application developers on security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements
Experience supporting the Continuous Monitoring of operational systems; experience monitoring and auditing operational systems for proper use
Log Review/Analysis using SIEM tools (Splunk, etc.)
DISA STIGs and STIG Viewer experience
Required Qualifications:
9+ years supporting Assessment and Authorization (A&A) and information assurance processes and documentation using RMF.
BS degree; 7 years of experience with a masters; an additional 4 years of experience required in lieu of a degree (will consider at Staff level with the appropriate years of experience).
Hands-on experience to validate control implementations and test procedures.
Knowledge of current security risks and protocols.
Willingness to work outside of standard hours if circumstances require.
RMF, Xacta experience.
Good analytic and problem-solving skills.
DoD Approved 8570 Baseline Certifications (eg, Security+) certifications.
DoD Approved Clearance and Poly
Work 100% onsite in a secure environment
Desired Qualifications:
Experience working with AWS/Google cloud-hosted information systems or applications
Experience working with Redhat or CentOS Linux operating systems
Experience working in a DevSecOps environment and tool chain