No more applications are being accepted for this job
- Assess, review, update, and develop security authorization and accreditation documentation to ensure consistency with laws, regulations, and best practices as it pertains to the systems and customer requirements.
- Work closely with Federal customers to develop and update security-related documentation to reflect the security posture of the IT system, as directed by the government and federal program managers.
- Prepare or assist in the preparation of other security documentation or reports as required to support customer engagements.
- Support ISSOs in their responsibilities for systems including Enterprise security support and risk management and system weakness management (POA&M maintenance for the Risk Management Framework Portal (RMFP)).
- Assist the Federal customer in reviewing or modifying security documentation to ensure it maintains quality and accuracy in customer products.
- Work with Engineers and System Administrators to properly document data flows, system architecture, and other necessary diagrams/charts.
- Work with various security tools including NESSUS, AppDetective, Web Inspect, AppScan, etc.
- Provide administrative support as necessary, to include, but not limited to:
- Compile, or provide input to, weekly customer status reporting (e.g. deliverables completed) and project plans
- Assist with meeting minutes and action items as need
- Attend customer meetings in person, unless otherwise noted
- 8+ years of relevant experience in Information Security for federal systems or 6+ years and a master's degree in cybersecurity; relevant cybersecurity certification
- In-depth knowledge of laws, directives, orders, etc., pertaining to IT security and directing Federal government agencies.
- Deep knowledge of NIST 800 series publications to include:800-30, 800-37, 800-53, and 800-53a.
- Demonstrated experience with all phases of the NIST Risk Management Framework (RMF)
- Technical background such as Network Engineering, Systems Administration, and Application Development. Hands on experience working with security tools like NESSUS, AppDetective, Web Inspect, AppScan, etc.
- Strong written and oral communications skills
- Ability to quickly adapt to customer, environment, policies, procedures, etc.
- Proactive and self-directed work-style
- Ability to prioritize tasks in a fast-paced environment
- Security+, CAP, CISM, CISSP, or equivalent certification by a recognized and reputable organization is desired.
- A Bachelor's Degree in Information Technology or a related discipline is preferred but not required.