Information Assurance Engineer II 10/9/2017
Quantum Research International Inc
JOB DESCRIPTIONAPPLY Overview
Quantum Research International, Inc. (Quantum) is a certified DoD Contractor providing services and products to US/Allied governments and industry in the following main areas: (1) Cyber Security/Intelligence Programs Support; (2) Command, Control, Communication, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR); (3) Space Operations and Control; (4); Warfighter Support and Logistics; (5) Weapon System Analysis; (6) Acquisition Support; (7); Test and Evaluation; and (8) Audio/Visual Technology Applications. Quantum s Corporate Office is located in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation s Warfighters. In addition to our corporate office, we have physical locations in Arlington VA; Hampton Roads, VA; Bel Air MD; Colorado Springs, CO; and Shalimar, FL.
Quantum Research is currently seeking an experienced candidate to serve as an Information Assurance Engineer, aka Cloud Security Engineer.
The ideal candidate will support a cloud migration assessment of the existing 313 NGA Activities along with, designing, testing, implementing, and migrating, of each Activity into the Top Secret, Secret, and unclassified Clouds. This effort will require the analysis of current Activity s architecture and design, and researching effective and efficient cloud technologies that will allow for a minimally invasive transition to the cloud environment without impacting NGA mission capabilities. Specifically, the candidate will establish and satisfy complex system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands. This position will support customers at the highest levels in the development and implementation of doctrine and policies. The candidate will apply expertise to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures. Responsibilities will include, but are not limited to:
* Perform cloud architecture and migration information assurance assessments for each NGA Activity eliciting functional, performance, operational, and security requirements.
* Perform all security testing described in associated Security Testing Plans and in conformance with the NGA Cloud security guidance and process. Demonstrate that the migrated Activity complies with all required security requirements.
* Confirm that the Activity will be operational and able to perform its mission requirements once transitioned from the testing stage to its production stage in the cloud environment.
* Assist in identifying activities that should be retired including completion of all required documentation and retirement approval process
Bachelor s Degree with five (5) to twelve (12) years experience. Individual should be knowledgeable of the NGA domain
Experience with cloud computing concepts and models, as well as the high-level security issues associated with the cloud, such as encryption, access control, hypervisor security and network security. This focuses on securing different cloud computing environments, including software, platform, data, and infrastructure services.
Candidate must be able to think independently and be self-motivated, with proven organizational skills, ability to multi-task and support varied assignments. Good communication skills are important, with a positive and friendly demeanor.
Experience with cloud-based data storage architectures and the controls commonly used to secure those environments, such as encryption, tokenization, data masking, data lifecycle management data rights management (DRM) technology, retention, deletion and archiving policies and ensuring the auditability of cloud data events.
Experience with the physical and virtual security risks around cloud infrastructure. This includes the protection of virtualization platforms, communication between cloud services, implementation of audit mechanisms and the development of appropriate business continuity and disaster recovery plans around the use of cloud services.
Experience with the application security issues found in cloud computing environments including cloud software assurance, the software development lifecycle (SDLC) and the appropriate integration of identity and access management solutions with cloud-based computing services.
Experience with operational issues that arise from the use of cloud computing services and the management of cloud infrastructure.
Experience with legal and regulatory issues that emerge in adopting cloud computing services. These include legal and privacy issues related to cloud computing, the impact of cloud computing on enterprise risk management programs and the auditing of cloud security controls. This includes coverage of cloud contract design, security issues related to outsourcing arrangements and the management of cloud computing vendors
Current TOP SECRET / SENSITIVE COMPARTMENTED INFORMATION (TS/SCI) clearance required.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Equal Employment Opportunity/Affirmative Action Employer.