(map) Workplace: Not Specified Travel: Not Specified
****MUST HAVE CURRENT TOP SECRET CLEARANCE****
JSS, Inc. currently has a need for Multiple Security Analyst specializing in C&A and FISMA support our FBI Contract in Washington, DC. The following is a list of required skills:
Position Description:
The Security Analyst will provide ISSU and DCSU technical and engineering services in delivering information assurance of confidentiality, integrity, availability, and preservation of the FBI’s information and information systems worldwide through security certification. Technical and engineering services comprise of comprehensive evaluations of information system technical and non-technical security features and other safeguards made as part of and in support of the accreditation process, and to establish the extent to which a particular design and implementation meet a specified security requirement set. The Security Analyst will assist in the refinement of current continuous monitoring tools/products and if necessary in the development of a total continuous monitoring program within the organization utilizing NIST 800-37 guide. The Security Analyst support ISSU and DCSU in ensuring that continuous monitoring is performed on all FBI systems as it pertains to the guide. The Security Analyst will support documentation development, which may involve travel to Field Offices, or oversight necessary for a successful C&A site assessment. The Security Analyst will provide day-to-day IT security support and consultation to FBI locations world-wide via FBI phone or email during the FBI’s core business hours. The Security Analyst will assist in the development and/or revision of FBI C&A processes and procedures to mirror changes in US Government policy.
The Security Analyst must have a solid technical foundation as well practical and programmatic overall security experience, have a valid Top Secret, be able to obtain SCI, and meet the following qualifications:
- CISSP, CISM, CAP or GSLC required
- Top Secret clearance required (with SCI preferred) or must be able to obtain SCI
- Excellent customer service
Deliverables:
- Will produce (per the schedule provided by the client and working with the HPES project manager/task lead) certification and accreditation packages appropriate for the Tier Levels defined in the C&A Handbook. These packages shall be submitted to the government task lead(s) a minimum 30 business days before Approval to Operate date expires. For packages that are already in the expired mode, these will be assigned per the government with an achievable due date.
- The Security Analyst will review and suggest and implement improvements on the IAS’s continuous monitoring plan. The HPES team members use NIST 800-37 as a roadmap. The HPES team member will perform continuous monitoring tasks, per the plan that is developed and approved by the government.
- The Security Analyst will conduct risk assessments for approximately 200-400 change requests per business week as defined by the Technical Configuration Control Board (TCCB). The criteria that the HPES team will be evaluated on are dependent on the technical review of each change request.
- The Security Analyst will produce site interviews and site inspection reports in accordance with the site accreditation schedule approved by the government.
- Will assist the government with continuous process improvements as it relates to C&A as well as Continuous monitoring.
- The Security Analyst will provide site accreditation training to the field offices in accordance with the schedule provided by the government task lead(s).
Founded in 2006, JSS is a Woman Owned Small Business (WOSB) headquartered in Alexandria, Virginia. JSS employs Information technology (IT) professionals supplying services to the Federal sector. Ourstaff is comprised of Information Security Experts, Application Security Developers, Security Administrators, Project Managers and Management Analysts in addition to other credentialed business professionals.
JSS is an Equal Opportunity Employer
Preferences Industry Category: Information Security
Workplace: Not Specified