Posted today
Top Secret/SCI
Senior Level Career (10+ yrs experience)
Unspecified
Full Scope Polygraph
IT - Security
Annapolis Junction, MD (On/Off-Site)
(U) Delegated Authorizing Official Representative - 35584 (U) Responsible for assisting in identifying
the overall security requirements for the
protection of data, to ensure the
implementation of appropriate information security controls, and perform and analyze
the security risk assessment, risk analysis,
risk management process, security control
assessments, and awareness activities for
systems and networking operations.
Provide assistance to ensure Cybersecurity
functions are included in the configuration
management process. Interact with
customers, Information Technology (IT)
staff, and high-level corporate officers in
defining and achieving required
Cybersecurity objectives for the
organization. Contribute to building
security architecture. Assist with the
integration of legacy systems. Contribute to
the acquisition/RDT&E environment and
building Cybersecurity into systems
deployed in operational environments.
Prepare security authorization
documentation.
(U) The Level 2 (U) Delegated Authorizing Official Representative shall possess the following
capabilities:
(U) Perform security planning, security assessment, risk analysis, risk assessment, and risk
management support activities
(U) Perform risk assessment and management to support integration of legacy systems into existing
IT environment
(U) Review and analyze Cybersecurity built into systems to be deployed to operational
environments
(U) Prepare risk assessment, plan of actions, authorization recommendations, and related security
authorization documentation
(U) Identify and support overall security requirements for the protection of data to ensure the
implementation of information security policies, activities, and controls
(U) Ensure Cybersecurity functions are included in the development and risk management process,
particularly those focusing on infrastructure protection and defensive IT strategy
(U) Facilitate interaction with customers, IT staff, and high-level corporate officers to assist in
defining and achieving required risk management objectives for the organization
(U) Qualifications:
(U) Four (4) years of experience as an IT Risk Assessor, System Security Engineer, Information
Systems Security Manager, Information Systems Security Officer, or DAO in programs and contracts of
similar scope, type and complexity is required. A Bachelor’s Degree in Computer Science or IT
Engineering or a related technical degree from an accredited college or university. In lieu of a
Bachelor’s degree, an additional four (4) years of experience for a total of eight (8) years.
(U) Working knowledge of the following is required: system security design process, defense-in
depth/breadth, engineering life cycle, information domains, cross-domain solutions, controlled
interfaces, identification, authentication and authorization, system integration, ICD 503 (formerly
NISCAP), risk management, intrusion detection, contingency planning, incident handling, configuration
control, change management, auditing, security authorization process, principles of Cybersecurity
(confidentiality, integrity, non-repudiation, availability, access control), and security testing.
DoD 8570 compliance with IAM II is required. See also Table 1: Cyberspace Workforce
Improvement Program (CWIP) Labor Category to Baseline CWIP Certification Category Matrix above.
the overall security requirements for the
protection of data, to ensure the
implementation of appropriate information security controls, and perform and analyze
the security risk assessment, risk analysis,
risk management process, security control
assessments, and awareness activities for
systems and networking operations.
Provide assistance to ensure Cybersecurity
functions are included in the configuration
management process. Interact with
customers, Information Technology (IT)
staff, and high-level corporate officers in
defining and achieving required
Cybersecurity objectives for the
organization. Contribute to building
security architecture. Assist with the
integration of legacy systems. Contribute to
the acquisition/RDT&E environment and
building Cybersecurity into systems
deployed in operational environments.
Prepare security authorization
documentation.
(U) The Level 2 (U) Delegated Authorizing Official Representative shall possess the following
capabilities:
(U) Perform security planning, security assessment, risk analysis, risk assessment, and risk
management support activities
(U) Perform risk assessment and management to support integration of legacy systems into existing
IT environment
(U) Review and analyze Cybersecurity built into systems to be deployed to operational
environments
(U) Prepare risk assessment, plan of actions, authorization recommendations, and related security
authorization documentation
(U) Identify and support overall security requirements for the protection of data to ensure the
implementation of information security policies, activities, and controls
(U) Ensure Cybersecurity functions are included in the development and risk management process,
particularly those focusing on infrastructure protection and defensive IT strategy
(U) Facilitate interaction with customers, IT staff, and high-level corporate officers to assist in
defining and achieving required risk management objectives for the organization
(U) Qualifications:
(U) Four (4) years of experience as an IT Risk Assessor, System Security Engineer, Information
Systems Security Manager, Information Systems Security Officer, or DAO in programs and contracts of
similar scope, type and complexity is required. A Bachelor’s Degree in Computer Science or IT
Engineering or a related technical degree from an accredited college or university. In lieu of a
Bachelor’s degree, an additional four (4) years of experience for a total of eight (8) years.
(U) Working knowledge of the following is required: system security design process, defense-in
depth/breadth, engineering life cycle, information domains, cross-domain solutions, controlled
interfaces, identification, authentication and authorization, system integration, ICD 503 (formerly
NISCAP), risk management, intrusion detection, contingency planning, incident handling, configuration
control, change management, auditing, security authorization process, principles of Cybersecurity
(confidentiality, integrity, non-repudiation, availability, access control), and security testing.
DoD 8570 compliance with IAM II is required. See also Table 1: Cyberspace Workforce
Improvement Program (CWIP) Labor Category to Baseline CWIP Certification Category Matrix above.
group id: 91137637
