Sign Up Sign Up Log In Sign Up
This job has expired and you can't apply for it anymore. Start a new search.

Information Assurance (IA) Testing and Evaluation Specialist


Position Description:

SAIC is currently looking for a Testing and Evaluation Specialist in Washington, DC to support the Vanguard 2.2.1 Program, Information Assurance Service Line.  

This position will be instrumental in assisting the IA Directorate in developing the Cloud Common Control program.  Under the Information Assurance Service line, the Testing and Evaluation Specialist will support the Department of State (DOS), Bureau of Information Resource Management (IRM), Information Assurance (IA) Directorate.   The Testing and Evaluation Specialist will be responsible for developing and conducting tests of systems to evaluate compliance with specifications and requirements by applying principles and methods for cost-effective planning, evaluating, verifying, and validating of technical, functional, and performance characteristics (including interoperability) of systems or elements of systems incorporating IT. The Testing and Evaluation Specialist will work with and assist IA stakeholders with documenting new or updating existing plans, processes, procedures, work instructions and other documentation, identifying where processes can be streamlined, ensuring that the document management process is followed. The Testing and Evaluation Specialist will report directly to the Vanguard 2.2.1 Service Line Director.   

Description of Duties:

The Testing and Evaluation Specialist is responsible for supporting the process definition and improvements activities under the Cloud Common Control project.   The Testing and Evaluation Specialist is responsible for ensuring the IA Cloud Common Control project is in compliance with the NIST standards and IRM/IA’s requirements, and Vanguard 2.2.1 contract requirements.


The Testing and Evaluation Specialist is responsible for:

  • Analyzing test data.
  • Collecting, verifying, and validating test data.
  • Translating data and test results into evaluative conclusions.
  • Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 


Required Education/Experience: 
  • Bachelor’s Degree in related discipline and 5+ years of experience working in a technical operations environment supporting mission critical systems. Additional experience in lieu of a degree will be considered.

Required Experience/Skills/Attributes:  

  • Cloud infrastructure experience, AWS and Azure who can document controls implementation statements in Xacta before an assessment
  • Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
  • Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • Ability to effectively collaborate via virtual teams.
  • Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products.
  • Ability to exercise judgment when policies are not well-defined.
  • Ability to focus research efforts to meet the customer’s decision-making needs.
  • Ability to function effectively in a dynamic, fast-paced environment.
  • Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
  • Must be able to provide an independent assessment of how the IA’s processes are being implemented relative to the defined processes to optimize the current work.
  • Must have demonstrated and proven skills in writing documentation (i.e. standard operating procedures, user guides, and similar products) to clearly disseminate relevant information to an enterprise-wide audience to increase user awareness and provide relevant and different types of materials. 
  • Extremely strong, proficient and demonstrated oral and written communication skills with experience working effectively with direct customer, senior management, project management team members, and technical staff members regarding communication and system issues. 
  • Exceptional interpersonal, oral and written communication skills, with ability to work directly with customers, including VIP’s.
  • Ability to draft and generate original document artifacts.
  • Strong organizational skills; ability to manage multiple tasks in a fast-paced environment with competing priorities and quick turnaround deliverables, and exceptional attention to details.
  • Ability to work independently and focus on delivery of products and services on time.
  • Strong analytical, critical thinking and problem-solving skills.
  • Exhibits objectivity and openness to others’ views as well as gives and welcomes feedback. Demonstrate an adaptive style that is flexible and effective in gaining cooperation of others.
Desired Experience/Skills/Attributes: 
  • Knowledge of computer networking concepts and protocols, and network security methodologies. 
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 
  • Knowledge of cybersecurity and privacy principles. 
  • Knowledge of cyber threats and vulnerabilities. 
  • Knowledge of organization's enterprise information security architecture. 
  • Knowledge of organization's evaluation and validation requirements. 
  • Knowledge of Security Assessment and Authorization process. 
  • Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 
  • Knowledge of systems testing and evaluation methods.
  • Knowledge of the systems engineering process.
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). 
  • Knowledge of cybersecurity-enabled software products.
  • Knowledge of Personally Identifiable Information (PII) data security standards. 
  • Knowledge of an organization's information classification program and procedures for information compromise. 
  • Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). 
  • Knowledge of analytical constructs and their use in assessing the operational environment.
  • Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.).
  • Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • Knowledge of the intelligence frameworks, processes, and related systems.
  • Knowledge of the structure and intent of organization specific plans, guidance and authorizations.
  • Knowledge of the ways in which targets or threats use the Internet.
  • Knowledge of threat and/or target systems.
  • Knowledge of what constitutes a “threat” to a network.
  • Knowledge in IT Service Management (ITSM), IT Infrastructure Library (ITIL) certification a strong plus.
  • Competency in Microsoft SharePoint and Microsoft Office products, including Visio.
  • Experience with quality assurance, and quality control a plus.
Experience with process definition and improvement 


Clearance Requirement: SECRET (Active)


Send me email alerts for similar jobs