Crest Security Assurance

Position Overview

The Identity Protection and Management Analyst supports the Cybersecurity Center’s mission to enhance and sustain identity protection and management services in accordance with DoD Instruction (DoDI) 8520.02 and DoDI 8520.03. This role is responsible for administering and safeguarding identity, credential, and access management (ICAM) services that protect and defend DoDIN/DCMA networks in both Unclassified (NIPRNet) and Classified (SIPRNet) environments. The Analyst ensures secure Public Key Infrastructure (PKI) operations, hardware token management, role coordination, compliance with Certificate Practice Statements (CPS), and implementation of Zero Trust (ZT) principles.

Key Responsibilities

Public Key Infrastructure (PKI) Certificate Request Processing & Token Issuance

· Serve as Registration Authority (RA), Local Registration Authority (LRA), and Key Recovery Agent (KRA) in support of DCMA components.

· Process requests for DoD and National Security Systems (NSS) PKI certificates, including issuance, revocation, and key recovery.

· Provide RA, LRA, and Key Recovery services in accordance with applicable DCMA/DoD Certificate Practice Statements (CPS) for NIPRNet and SIPRNet environments.

· Issue and manage hardware tokens (GFE), application certificates, Alternate Logon Tokens, SIPRNet Tokens, Non-Person Entity (NPE) certificates, Code Signing Certificates, and other required certificates.

· Establish, maintain, and execute Standard Operating Procedures (SOPs) within 90 calendar days of contract award, with annual reviews and updates.

· Incorporate Zero Trust principles into SOPs, including strong user authentication, least privilege access, and continuous monitoring for suspicious activity.

· Support NIPRNet and SIPRNet Hardware Token Services and coordinate assignment and administration of Trusted Agents (TAs).

· Report token actions and CPR activity metrics via monthly and annual reports.

· Maintain inventory and lifecycle oversight of CPR IT assets, locations, and authorized operators.

· Provide technical support to field personnel and develop installation procedures.

· Create and maintain an artifacts repository and dashboard for audits and supporting documentation.

Coordination of Roles and Responsibilities

· Coordinate with the DCMA Government civilian RA for assignment and administration of DCMAIT Trusted Agents (TAs).

· Establish and maintain SOPs for Trusted Agents with annual validation.

· Develop, execute, and track TA training programs with annual refresher requirements using approved DoD/DCMA collaboration tools (e.g., GVS, MS Teams).

· Maintain audit-ready documentation and dashboards supporting compliance and oversight activities.

Required Qualifications

· Experience supporting DoD PKI, ICAM, or Identity Protection programs.

· Knowledge of DoDI 8520.02 and DoDI 8520.03 requirements.

· Experience serving in RA, LRA, KRA, or Trusted Agent roles.

· Familiarity with NIPRNet and SIPRNet environments.

· Understanding of Certificate Practice Statements (CPS) and Registration Practice Statements (RPS).

· Experience implementing Zero Trust principles in identity and certificate management processes.

· Strong documentation, reporting, and metrics tracking skills.

· Ability to support audits and maintain compliance artifacts.

Preferred Qualifications

· Prior experience supporting DCMA or other DoD agencies.

· Experience with hardware token lifecycle management.

· Knowledge of Non-Person Entity (NPE) and Code Signing certificate management.

· Experience developing SOPs and delivering formal training.

Key Competencies

· Attention to detail and procedural compliance.

· Strong analytical and problem-solving skills.

· Ability to manage multiple security-sensitive processes simultaneously.

· Effective communication and coordination across government and contractor personnel.

· Commitment to cybersecurity best practices and Zero Trust principles.

IAT Level II (IAT II) Requirements

Position requires compliance with DoD 8570/8140 IAT Level II requirements.

· IAT II candidates must possess at least three (3) years of experience in Information Assurance (IA) technology or a related field.

Must hold one of the following active certifications:

· CCNA-Security

· CySA+

· GICSP

· GSEC

· Security+ CE

· CND

· SSCP

Pay: $85,000.00 - $90,000.00 per year

Benefits:

• 401(k)
• Dental insurance
• Health insurance
• Life insurance
• Paid time off
• Referral program
• Vision insurance

License/Certification:

• IAT II (Required)

Security clearance:

• Secret (Required)

Ability to Commute:

• Fort Gregg-Adams, VA 23801 (Required)

Work Location: In person