Job Requirement:  Individual would be responsible for gathering information necessary to provide recommendations in order to maintain a system's security posture. Would create and maintain the security documentation for certification and accreditation (C&A) and review system designs and proposed changes to identify potential security weaknesses.
Responsibilities:
  • Communicate with the system owner, senior leadership, and developer regarding security considerations of the system engineering life cycle
  • Develop and maintain security accreditation artifacts to include the Security Requirements Traceability Matrix (SRTM), System Security Plan (SSP), and others
  • Manage system Plan of Actions and Milestones (POA&M) to include the drafting of expectations and waivers as appropriate
  • Conduct assessments of system safeguards and controls and respond to external audits as required
  • Interview system administrators and support personnel to extract system functionality narratives
  • Control, label, virus scan and appropriately transfer data (upload/download) between information systems at varying classification levels
  • Conduct research and perform security analysis on the impacts of system designs, modifications, and technological initiatives.
  • Write and validate NIST 800-53Rev 4 control responses based on system documentation
  • Experience with DHS 4300 A policy required
  • CISSP certification is a plus
The candidate must be capable of working on multiple projects simultaneously and willing to do local travel to Arlington, VA on a regular basis while working primarily in Chantilly, VA.

An ACTIVE security clearance is required: TS/SCI

This is a full time position

Subscribe to be notified of new jobs

Personal Information









Attachments

Other Information