Information Assurance Engineer - C&A

Vienna, Virginia 22182

Post Date: 04/28/2017 Job ID: 15684 Industry: Other Area(s)

Information Assurance (IA) Engineer / Plan of Actions and Milestones (POA&M) Manager - Department of State - Vienna, VA

Our client, an SDVOSB Technology Solutions Company specializing in Cloud Computing, Information Assurance, and Mobile solutions, has an immediate opening for a Risk Management Engineer for a project with the Department of State.

Work Site: Contractor Facility in Vienna, Virginia


• CISSP (desired but not required)

• CAP (must have within 90 days of start)


Must haves:

• Good people skills

• Good technical writing skills

• Strong team player

• IT Security Experience

• POA&M Experience

• Bachelor’s degree

• Active Secret or higher clearance


Technical Skills:

  • Knowledge of Microsoft products (Word, Visio, Project), firewalls, switches, SANs, networking structures, databases, IIS, SDLC, etc.
  • Remedy experience is desired
  • Ability to learn new automated tools.



As a direct report to the Program Manager, the IAE/Plan of Actions and Milestones (POA&M) Manager functions as an information system security subject matter expert (SME) on FISMA, NIST standards and guidelines, Privacy Act, HIPAA, E-Gov, OMB Circulars A-11 and A-130, and Clinger-Cohen as they apply to data and application security.

The primary duty is POA&M Manager/SME. Manages and administers all POA&M tickets via the BMC Remedy ticket tracking application. Tracks and monitors all POA&M activity and reports metrics as required. Engages organizations outside of Consular Affairs / Consular Systems and Technology (CA/CST) to edit, submit, complete, and close out POA&M tickets as necessary.

Secondarily, the IAE is responsible for Assessment and Authorization (A&A) activities for CA/CST automated information systems (AIS) and provides A&A support for domestic and overseas deployed systems. In addition, the IAE tracks and reports status, and brings any obstacles that may impact the completion of the A&A to the attention of the IAE Team Lead and the Project Manager (PM) in a timely manner. The IAE ensures that A&A packages are submitted to IA and follows up to ensure IA approval is obtained prior to systems’ Authorized to Operate (ATO) expiration date.

The IAE's daily functions include:

Serves as the primary IAE lead for Visa, Passport, American Citizen Overseas or CA Support for High, Moderate, and Low information systems and drives the overall A&A life-cycle process in accordance with the Department CA/CST System Development Life-Cycle (SDLC). The IAE monitors the systems' security posture via iPost. Analyzes production system configuration change requests (CCRs) of existing systems to determine security impact using the Planned Change Comparative Analysis (PCCA) process, and initiates required actions to maintain security posture and authorization status. Conducts weekly or monthly meetings with Government Task Managers (GTMs) and developers. Schedules and facilitates the boundary meeting, RMF Steps 1-3 Kick-off (RMF1-3KO) meeting, and RMF Step 6 Kick-Off (RMF6KO) meeting, and attends the RMF Step 4 Kick-off (RMF4KO) meeting and finding meetings. Gathers required information to support system authorization by organizing technical working groups, conducting fact-finding interviews, attending system demos, assessing system security categorization (SCF) levels, establishing the system security control baseline, and acting as a security advisor to the GTM during security controls implementation.

Develops and updates the following security application documentation:

• Security Categorization Form (SCF)

• E-Authentication Form (eRA)

• System Security Plan (SSP)

Supports the Contingency Plan (CP) SME and Privacy Impact Assessment (PIA) SME in the development of the following security application documentation within CACAMS:

• Information System Contingency Plan (ISCP)

• Privacy Impact Assessment (PIA)

Completes any data calls in a timely manner, including but not limited to quarterly POA&M data calls. Reviews, monitors, and reports POA&M status to all parties, including the PM, ISSP GTM, System GTM, System Development Team, and System Operation Teams.

Provides guidance to System GTMs and System developers as it relates to the A&A process using both the National Institute of Standards and Technology (NIST) Special Publication (SP) 800 series and Department Foreign Affairs Manual (FAM) guidelines. Assists and advises System GTMs and System developers in the design and development of secure systems architecture as well as industry best practices and information systems technologies available to meet AIS security requirements.



About Catapult Staffing LLC:

Catapult Staffing supports clients in the areas of Engineering and IT, Professional Services, Finance, and Federal Government sectors. We are passionate about matching the right talent for our client, and being an advocate for our talent!

We are headquartered in Dallas, TX with offices internationally.


Woon Kim

Woon was born in South Korea, but grew up in Philadelphia. She graduated from St. Joseph’s University with a degree in International Relations. She relocated to the DC area soon after graduating college. Woon has 10 years in full life cycle recruiting as well as sales and account management experience. Fun Facts: Traveling and Cooking are two of her favorite things to do. She loves visiting different places and experiencing the local culture and cuisine.
