Title: Information Systems Security Management, Expert
Location: On-site McLean, VA
- Job Type: Full-time (40 hours per week) with benefits
- Availability: immediate
- Security Clearance: TS/SCI with FS Polygraph
- Years of Experience:
4 years with a PhD
8 years with a BS degree.
6 years with a master's degree
10 years with an AA degree
12 years with an HS diploma
Job Description:
Support customer RMF workflow and processes by proposing, coordinating, implementing and enforcing information system security policies, instructions, standards, and methodologies.
- Review and approve customer requests related to accesses, devices, and other authorizations
- Maintain current system information in XACTA to support organizational requirements and processes Evaluate the impact of network and system changes using RMF processes and approve the changes
- Manage multiple projects throughout the Authorization and Accreditation (A&A) process from concept to Authority to Operate (ATO)
- Coordinate with system stakeholders on mitigating system vulnerabilities outlined in POA&Ms
- Submit recommendations to stakeholders for system configuration deviations from the required baseline
- Conduct periodic reviews to ensure compliance with SSP
- Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented
- Ensure system recovery processes are monitored to ensure security features and procedures are properly restored
- Ensure all IS security-related documentation is current and accessible to properly authorized individuals
- Formally notify the appropriate individuals when changes occur that might affect authorization
- Participate in governance and project reviews identified by the customer
- Require strong documentation skills to create and update policies, process documentation and procedures
- Experience with XACTA 360, Continuum, and other SCAP Compliant tools
- Demonstrated experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, and STIGs
Bachelor's Degree (in an IT-related field)
Desired Certifications
- Certified Ethical Hacker 10 (CEH)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems auditor (CISA)
- NIST Cybersecurity Framework (NCSF)
AWS Solutions Architect Associate or Professional
