The most security-conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solutions and the integrity of our people. Explore what you can bring to our solutions in the areas of cyber, cloud and enterprise security.

Be a part of the Telos culture and see what sets us apart! Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment!

 

This position will be based in our HQ located in Ashburn, VA, Telos facilities in Fulton, MD or at contractor facilities in Charleston, SC OR Remote.

 

Responsibilities:

Provide IA support that include providing IA management, IA technical, Security Test and Evaluation (ST&E), and independent verification and validation (IV&V) support to networks/enclaves and programs of record (PORs)/platforms information technology (PITs), automated tool support, IA assessment and package development support, and incident response support. Provide assistance to enclave personnel in completing required A&A documentation, addressing Independent Verification and Validation (IV&V) results, and assisting enclave personnel in preparing Interim Approval to Operate (IATO) and ATO packages for review by the Validator, Security Control Assessor (SCA), and the Authorizing Official (AO) Provide assistance to Navy Medicine sites in updating outstanding actions contained in their plans of action and milestones (POA&Ms); recommending security risk-mitigations; and requesting extensions for expiring IATOs as required Conduct liaison with Navy Medicine sites in preparation for A&A activities Make recommendations concerning certification; support and provide minutes and status reports for collaborative meetings with Navy SCA/AO points of contact to update and enhance IA documentation accordingly Participate in A&A process improvement activities. Use automated collection utilities that supplement and expedite this information-gathering process by performing system discovery, and hardware and software listings. Use Software and testing tools such as eye Retina, Nessus, DISA SRR scripts, and ACAS will be used to perform non-invasive independent application and OS software and patch inventory and configuration collection of all system servers and workstations. Use Nessus/ACAS/Retina or other approved automated tools will be used via an approved testing methodology to gather version information for all applications and detailed configuration data about the underlying operating system and will leave no data or executables on DHA equipment.  Candidate must be familiar with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), Health Insurance Portability and Accountability Act (HIPAA) requirements. Must be familiar with IA vulnerability management (IAVM) compliance, and other DHA/Navy requirements, policies, and best business practices; Conduct IV&V activities at DHA network/enclave sites and PORs/PITs using standardized procedures and scoring methodology IAW DoD policy and RMF Validate all applicable IA controls; perform a vulnerability and risk assessment of identified vulnerabilities and identify countermeasures Consolidate, review, analyze, and produce reports containing the assessment and IV&V results to DHA.