{{vm.result.Pagination.TotalResults}} ResultsResult

Be on Alert – Fraudulent Employment Offers. Learn More

Petersburg, Virginia, United States of America
JOB #R1900950

Information Assurance & Certification Assessment Specialist

Working at ICF

Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. If you’re seeking to make a difference in the world, visit www.icf.com/careers to find your next career. ICF—together for tomorrow.

Join our team of cyber pioneers with expertise and decades of experience defending and protecting some of the nation’s most valuable resources—ICF.  Through implementation of effective Cybersecurity solutions, ICF supports security awareness, readiness, resilience and response to cyber incidents.  Our extensive customer base has benefited from the leading-edge work our security engineers and data scientists perform in maintaining and advancing situational awareness of the current cyber threat landscape. 

Job Description:

The Information Assurance & Certification Assessment Specialist  is responsible for planning, documenting, and conducting comprehensive security assessments (audits) using both the DOD Information Assurance Certification and Accreditation Process (DIACAP) and NIST Risk Management Framework (RMF).  Additionally, the Analyst is responsible for reviewing existing documentation, IA controls, and DISA Security Technical Implementation Guideline (STIG) implementations. Work location is at Fort Lee in Petersburg, VA. Relocation assistance is available if needed. There is some travel during the year (10-15%) to GA, OH, MA and CA.

The Information Assurance & Certification Assessment Specialist will also assist in the development and maintenance of an IA program that identifies IA architecture; IA requirements; IA objectives and policies; IA personnel; and IA processes and procedures monitors the overall security posture of the client’s host-based and network-based assets by detecting, analyzing and responding to security alerts and events. 

Key Responsibilities:

  • Provide support, as needed, to the Certification board in the area of IA requirements and system authorization.
  • Perform tasks focused on the development of security test plans, conduct security testing, analyze test results, and develop risk assessment reports that document vulnerabilities, threats, impacts, and recommended mitigations.
  • Provide technical services on all aspects of Information Security; Assess system design/architecture as well as defining, and advising Information Security compliance with DISA STIGs as well as other security standards and best practices
  • Demonstrated analytical, oral, and written communication skills including to executive management.
  • Assist with preparing for various audits and inspections.

Basic Qualifications: 

  • Familiarity with DISA STIGs and other DOD security requirements a must.
  • Minimum of 3 years of network defense/information assurance experience.
  • A strong understanding of DOD information assurance policy and regulations. 
  • Familiar with Cyber Command Readiness Inspections and interpreting vulnerability scan results.
  • Candidate must be able to obtain, and maintain, the proper clearance required for this position 


  • Prefer Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), GIAC Systems and Network Auditor (GSNA).
  • Require DOD 8570.01-M compliance at IAT Level II (GSEC, Security + CE, SSCP, CCNA Security, CSA+, GICSP) 

Preferred Skills/Experience:

  • Initiative and a personal interest in Information Technology Security.
  • People skills, and the ability to communicate effectively with various clients with the ability to explain and elaborate on technical details.
  • Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages.
  • Previous experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security operations center.

Professional Skills/Required Skills:

  • Excellent written and verbal communication skills.
  • Excellent problem solving skills.

ICF is an equal opportunity employer that values diversity at all levels. (EOE – Minorities/Females/ Protected Veterans Status/Disability Status/Sexual Orientation/Gender Identity)

Reasonable Accommodations are available for disabled veterans and applicants with disabilities in all phases of the application and employment process. To request an accommodation please email icfcareercenter@icf.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement.

Virginia Client Office (VA88)

Who is ICF?

A consulting services company of over 5,000 experts across 67 countries, but not your typical consultants

More jobs you might like

Mar 11, 2019
Chicago, Illinois, United States of America
Mar 11, 2019
Aberdeen, Maryland, United States of America
Mar 6, 2019
Woodlawn, Maryland, United States of America
Mar 1, 2019
Woodlawn, Maryland, United States of America
Mar 1, 2019
Woodlawn, Maryland, United States of America
Mar 1, 2019
Columbia, Maryland, United States of America
See All Jobs