Information Assurance Engineer

Hybrid (3 days onsite in Aberdeen, MD)

 @Orchard has been engaged to support a growing Federal Contractor with a need for an experienced Information Assurance Engineer. The IA Engineer will be responsible for ensuring the confidentiality, integrity, and availability of organizational information systems, supporting compliance with the Cybersecurity Maturity Model Certification (CMMC) framework, providing general IT support across the internal enterprise, and supporting the activities required to conduct external assessments. This is an exciting opportunity to grow your career in Information Assurance with a leader in surveillance and cybersecurity. 

As the Information Assurance Engineer you will be responsible for: 

• Formal Assessment Preparation-External
  • Engage with OSC (Organization Seeking Certification) to understand scope and boundaries of the assessment.
  • Coordinate pre-assessment logistics: request system architecture diagrams, SSPs, POA&Ms, asset inventories, and evidence artifacts, scheduling of assessments.
  • Conduct assessments as required.
• CMMC Compliance & Cybersecurity-Internal
  • Implement and maintain security controls aligned with CMMC Level 1–3 requirements.
  • Conduct gap analyses and readiness assessments for CMMC audits.
  • Develop and maintain System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and other compliance documentation.
  • Monitor and report on compliance status using tools like eMASS, ACAS, and SCAP.
  • Collaborate with stakeholders to ensure continuous improvement of cybersecurity posture.
• General IT Support
  • Provide Tier I/II support for hardware, software, and network issues.
  •  Assist in patch management, antivirus deployment, and system updates. Support user account management and access control using Active Directory.
  • Troubleshoot connectivity issues across LAN/WAN environments.
  • Maintain documentation for IT procedures and configurations.
  • Conduct system administration requirements
• Security Operations
  • Perform vulnerability scans and remediation activities.
  • Monitor system logs and alerts for suspicious activity.
  • Respond to and investigate security incidents.
  • Support endpoint protection and data loss prevention strategies.
• Training & Awareness
  • Conduct cybersecurity awareness training for staff.
  • Ensure users complete required CMMC and other system security related training modules.

Qualifications

• Bachelor’s degree in Computer Science, Information Systems, or related field.
• 5+ years of experience in cybersecurity or IT support roles.
• Familiarity with CMMC, NIST SP 800-171, and DoD 8570 requirements.
• Certifications such as Security+, CISSP, or CEH preferred.
• Strong understanding of firewalls, encryption, and access control mechanism.