Posted today
Top Secret/SCI
Senior Level Career (10+ yrs experience)
Unspecified
Full Scope Polygraph
IT - Security
Annapolis Junction, MD (On/Off-Site)
Position requires TS/SCI w/ Full-Scope Poly
Job Description:
• Provides support for a program, organization, system, or enclave’s information assurance program.
• Provides assistance for proposing, implementing, and enforcing information systems security policies, standards, and methodologies.
• Provides daily oversight and direction to ISSOs.
• Maintain the appropriate operational security posture for assigned systems, programs, and/or enclaves.
• Provide guidance and technical expertise on all matters that impact or effect the security of the information system.
• Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis.
• Developing, updating, and submitting the System Security Plan and other required documentation that make up the Security Authorization Package.
• Conduct configuration management for security-relevant changes to software, hardware, and firmware.
• Perform and deliver security impact analyses of changes to the system or its environment of operation.
• Assess the effectiveness of system security controls on an ongoing basis to determine system security status.
• Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments.
• Provides configuration management for security-relevant information system software, hardware, and firmware.
Requirements:
• 14 years of related work experience in the field of security authorization.
• A Bachelor’s degree in Computer Science, Information Technology Engineering, or a related field may be substituted for 4 years’ experience.
• DoD 8570.1 compliant IAM Level III certification, such as the GSLC, CISM, CISSP (or associate) certification.
• A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37 and familiarity with the ICD503, CNSSI1253, SP800-53, etc.
• Knowledge of commercial security tools and their uses.
• Experience with hardware/software security implementations.
• Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services.
• Familiarity with security incident management, experience collaborating with Incident Response Teams, and able to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance.
• Experience creating and presenting documentation and management reports.
Preferred:
• Should have experience working with the XACTA IA Manager.
• Should be able to review NESSUS Scans and provide SAs with tasking to make necessary corrections.
Job Description:
• Provides support for a program, organization, system, or enclave’s information assurance program.
• Provides assistance for proposing, implementing, and enforcing information systems security policies, standards, and methodologies.
• Provides daily oversight and direction to ISSOs.
• Maintain the appropriate operational security posture for assigned systems, programs, and/or enclaves.
• Provide guidance and technical expertise on all matters that impact or effect the security of the information system.
• Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis.
• Developing, updating, and submitting the System Security Plan and other required documentation that make up the Security Authorization Package.
• Conduct configuration management for security-relevant changes to software, hardware, and firmware.
• Perform and deliver security impact analyses of changes to the system or its environment of operation.
• Assess the effectiveness of system security controls on an ongoing basis to determine system security status.
• Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments.
• Provides configuration management for security-relevant information system software, hardware, and firmware.
Requirements:
• 14 years of related work experience in the field of security authorization.
• A Bachelor’s degree in Computer Science, Information Technology Engineering, or a related field may be substituted for 4 years’ experience.
• DoD 8570.1 compliant IAM Level III certification, such as the GSLC, CISM, CISSP (or associate) certification.
• A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37 and familiarity with the ICD503, CNSSI1253, SP800-53, etc.
• Knowledge of commercial security tools and their uses.
• Experience with hardware/software security implementations.
• Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services.
• Familiarity with security incident management, experience collaborating with Incident Response Teams, and able to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance.
• Experience creating and presenting documentation and management reports.
Preferred:
• Should have experience working with the XACTA IA Manager.
• Should be able to review NESSUS Scans and provide SAs with tasking to make necessary corrections.
group id: 91137637
