Information Assurance Engineer

Job Locations US-VA-Arlington
Posted Date 1 day ago(3/19/2018 8:42 AM)
# of Openings
Information Technology


IOMAXIS is actively seeking an Information Assurance Engineer to support technical assessments and provide expertise to specific projects. This would require being able to understand a complex system in a short amount of time, determine its security weaknesses at all layers to include hosts, databases, middleware, and applications and then generating clear, descriptive reports that include corrective actions to help guide the developer on how to mitigate the weaknesses. This is a full time position. Choose your seat Ballston VA or Chantilly VA. Remote options are available after start. Interviews begin immediately.   


What You Will Be Doing:

  • Web Application Penetration Testing using a proxy tool and manual techniques
  • Assessment of applications against the OWASP Top 10 and SAN top 25 to include how that guidance maps to NIST 800-53
  • Perform manual verification of DISA Security Technical implementation guides against web and host configurations to include Unix and Windows based systems
  • Write custom SCAP content customization
  • General manual testing scripts in either perl or python (powershell a plus)
  • Navigate and assess industry leading DBMS such as Oracle, MSSQL, and mySQL
  • Review security architecture design and configurations to include IDS, SIEM, Firewall, Web Proxies, endpoint protection etc. to determine their level of effectiveness and compliance
  • Communicate with the system owner, senior leadership, and developer regarding security considerations of the system engineering life cycle
  • Develop and maintain security accreditation artifacts to include the Security Requirements Traceability Matrix (SRTM), System Security Plan (SSP), and others
  • Manage system Plan of Actions and Milestones (POA&M) to include the drafting of expectations and waivers as appropriate
  • Conduct assessments of system safeguards and controls and respond to external audits as required
  • Interview system administrators and support personnel to extract system functionality narratives
  • Control, label, virus scan and appropriately transfer data (upload/download) between information systems at varying classification levels
  • Conduct research and perform security analysis on the impacts of system designs, modifications, and technological initiatives.
  • Write and validate NIST 800-53Rev 4 control responses based on system documentation





  • Bachelors degree.  MS degree can substitute for 2 yrs exp; PHD can sub for 5 yrs



  • Ability to follow and understand, C#, Ruby, Scala and Java programing languages and their associated runtime environments
  • Experience using industry leading tools such as Metasploit, Burp Suite, Kali Linux, Nessus, AppDetective, Web Inspect, Acunetix, Fortify – HANDS-ON EXPERIENCE required
  • 2 years experience performing duties similar to those described above



Top Secret with SCI eligibility




Unleash your potential and make a dramatic impact! 


Over the past 10 years, IOMAXIS has advanced the state of Cyber RDT&E by bringing together the best software, hardware, communications and security experts in the industry and leveraging our decades of operational experience to help Federal agencies and organizations develop critical solutions for difficult missions around the globe.  Today, we’re proud to say the most important Federal clients rely on our solutions to perform their missions by developing solutions faster, reducing complexity, cutting costs, and providing a profound level of innovation. IOMAXIS helps our customers deliver exceptional value to their client, America and its people.  IOMAXIS leads the industry in developing superior technologies and services, delivering actionable capabilities and insight— right when customers need it most. 


IOMAXIS is an Equal Opportunity Employer and considers all qualified applicants for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, disability or protected veteran status.





Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed