IBM Information Assurance Analyst in HAMPTON, Virginia

We live in a moment of remarkable change and opportunity. Data and technology are transforming industries, society and even the workplace—by creating professions that didn’t exist before the emergence of data, cloud, social and mobile. IBM Global Business Services is a leader in this transformation and just the place to define and develop your consulting career. At IBM, you’ll work to solve some of society’s most complex problems and uncover what’s possible as you help our global clients succeed. Join us and discover what you can make of this moment.What will you make with IBM? this exciting position, you will

  • Provide information assurance knowledge for the conduct of Information Assurance (IA) duties including Certification and Accreditation (C&A) and Information Vulnerability Management activities.

  • Have a working knowledge of the DIACAP process, the Risk Management Framework (RMF) process, system security architectures best practices, security policies, technical security safeguards, and operational security measures.

  • Lead and assist in the implementation and maintenance of DoD A&A efforts, validation of security controls, creating/maintaining security processes & procedures and maintaining continued security compliance for the a Navy client.

  • Interface with external customers to understand contract requirements and define IA related requirements, tasking, and costs in order to meet the goals of the customer.

  • Provide Information Assurance subject matter expertise throughout the tasking and translate security requirements into technical designs/solutions.

Primary Job Roles:

  • Follow the DIACAP C&A process to achieve an Authority to Operate (ATO) and maintain security compliance for Navy client

  • Maintenance of Plan of Actions and Milestones for client systems.

  • Review Federal, DoD and DISA Policies/Guidelines for best security practices in implementing secure systems for Navy Client

  • Ensure system security requirements are addressed during all phases of the system life cycle.

  • Perform Security Tests & Evaluations to validate that security controls are in place as described

  • Collaborating with the specific government and/or industry A&A authorities to ensure IA security compliance.

  • Coordinate with the IT staff to ensure all IA related issues are addressed during the preliminary and follow-on engineering phases

  • Maintain systems in the DISA Vulnerability Management System (VMS), responding to Communications Tasking Orders (CTO) and Information Assurance Vulnerability Management (IAVM) Alerts

Location: * Remote and Virginia Beach, VA - Onsite as needed (historically 5-7 days per month on average *Stay connected by subscribing to the IBMJobs blog ( for career insights, news and latest job opportunities.IBM Global Business Services: Join a Leader. Consult with us.(2252) PSHJ 1RCWV 1SCTY

  • At least 2 years of experience in DIACAP Activities, Deliverables and process to achieve ATO under the DIACAP C&A lifecycle

  • At least 2 years of experience (NOT the new RMF process—specifically the older DIACAP)

  • Conduct Information Assurance Control Assessment for DIACAP or NIST controls

  • At least 2 years of experience in Vulnerability compliance and remediation reporting.

  • At least 2 years of experience in maintaining System Plan of Action and Milestones (POA&M)

Global Services