This site uses cookies. To find out more, see our Cookies Policy

Information Assurance Engineer in McLean, VA at NOK-Vintun

Date Posted: 12/1/2018

Job Snapshot

Job Description


Vintun, LLC has an immediate opening for an Information Assurance (IA) Engineer to join our team. As the Information Assurance Engineer, you will directly support the Department of Defense, Defense Health Agency on the Defense Occupational and Environmental Health Readiness System - Industrial Hygiene (DOEHRS-IH). Responsibilities include activities relating to information assurance procedures and systems. The IA Engineer applies IT security principles, methods, and security products to protect and maintain the availability, integrity, confidentiality, and accountability of information system resources and processed information; plans, implements, and manages a Defense In Depth for the total network and/or enclaves within the network; identifies and analyzes threats and vulnerabilities to the information systems to maintain protection, accomplish risk analysis, security testing, and certification due to modifications or changes, completes computer security plans, and enforces mandatory access control techniques; manages a network security program, reporting all incidents promptly and providing corrective action to prevent further incidents; implements guidance to ensure the protection of Internet information, reduces the risks associated with automated processing of information and data, and trains all personnel in IT security awareness, as required. Oversees the Risk Management Framework to include the system accreditation and certification process and its associated deliverables. Responsibilities also include:


  • Support the Government in following the DoD cybersecurity policy requirements set forth in DoDI 8500.01, “Cybersecurity,” and DoDI 8510.01, “Risk Management Framework (RMF) for DoD Information Technology (IT)” and their successors
  • Provide support for the independent assessment of compliance of information systems with DoD RMF standards using DoDI 8510.01
  • Utilize the Enterprise Mission Assurance Support Service (eMASS) or others systems to record RMF activities such as control implementation of all applicable Security Controls as identified via information system categorization in accordance with NIST SP 800-53R4 and CNSSI 1253 (Security controls are broken down into individual, measurable, statements called assessment procedures or Control Correlation Indicators (CCIs)) in accordance with DoDI 8510.01 (Risk Management Framework (RMF) for DoD Information Technology (IT))
  • Ensure that the information systems are configured in accordance with DISA Security Technical Implementation Guides (STIGs), applicable patches and other cybersecurity requirements
  • Provide personnel with extensive experience with DoD security hardening, collection and assessment tools (STIGs, ACAS SCAP, Nessus, etc.) and experience with security architectures, firewalls and network access
  • Possess extensive experience in cybersecurity documentation and system authorization artifacts (System Security Plan, lifecycle documentation, continuous monitoring plan, Security Assessment Plan, Security Assessment Report, Risk Assessment, etc.)
  • Have extensive knowledge of and review the Risk Management Framework (RMF) Knowledge Service which is the DoD’s official site for enterprise RMF policy and implementation guidelines
  • Review and ensure that any RMF activities adhere to the operational Tactics, Techniques and Procedures (TTPs)
  • Apply technical standards and security policy for LAN topologies and components; identify and remediate security vulnerabilities
  • Draft and maintain Standard Operating Procedure (SOP) documents for the functional category
  • Take immediate action to remedy system vulnerabilities
  • Install, configure, troubleshoot, and support firewalls

Other duties as assigned

Job Requirements

Minimum Qualifications:

  • 10+ years of practical experience minimum in web-based system, data, and network security
  • S. Citizen capable of passing a NACI background investigation
  • Current CISSP
  • Understanding and experience in a broad range of systems to include Linux (AIX), Windows Server, and Database (Oracle)
  • Experience working with developers to ensure compliance with NIST 800-53R4 controls and collecting evidence to demonstrate compliance.
  • Documenting and presenting suggested improvements
  • Knowledge of web architectures and object-oriented technologies
  • Verbal and written communication skills with the ability to communicate technical problems to non-technical audiences
  • Understanding and experience in a broad range of systems, industry best practices and competencies
  • Experience assessing impacts of legacy systems and addressing data related problems of system integration, security, and compatibility
  • Bachelor degree in Computer Science or related field


Preferred Qualifications:

  • Network experience with a CCNA or CCNP
  • DOEHRS-IH System Experience
  • Experience with Defense Health Agency (DHA) systems highly desired




Vintun LLC is a professional services firm that provides consulting and advisory services to clients to improve operational efficiency and to accomplish organizational objectives.  Vintun is headquartered in Alexandria, VA with client support offices in San Diego and Hawaii.  Vintun offers a highly competitive benefits package that reflects our objective of employing top industry performers. Vintun LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics.


Please note: Vintun LLC reserves the right to change or modify job duties and assignments at any time.  The above job description is not all encompassing.  Positions functions and qualifications may vary depending on business needs.