Designated Authorizing Official (DAO) Senior - TS/SCI with Poly - Security Clearance Required

Your Impact :

Are you searching for a professional environment that encourages personal and educational development and dedication to the mission?

Join a team of security experts who are dedicated to protecting and securing our customers' systems at both the enterprise and program level.

Our specialists work closely with others in the RMF process to ensure the highest level of security for every system.

We are seeking a Designated Authorizing Official (DAO) Senior for a prime contract that is based out of our Columbia, MD office.

As a DAO Sr., you will serve on a team that is responsible for the Authorization and Assessment process under the Risk Management Framework (RMF) for new and existing information systems and will be expected to maintain Authority to Operate compliance for all assigned systems.

The work environment is fast-paced and sometimes involves deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers.

Our program includes easily available process information and support from others with similar positions across the team.

Responsibilities :

• Assist in identifying the overall security requirements for the protection of data and ensure the proper implementation of appropriate information security controls
• Assist in performing and analyzing the security planning, assessment, risk analysis, risk management process, security control assessment, and awareness activities for systems, and networking operations.
• Assist the customer with ensuring that IA functions, particularly those focusing on infrastructure protection and defensive IT strategy, have been included in the development and risk management process.
• Interact with customers, IT staff, and high-level corporate officers to assist in defining and achieving required IA objectives for the organization.
• Contribute to building security architecture to customer standards and coordinates the integration of legacy system and existing IT environments for risk management.
• Contribute to the acquisition / RDT&E environment and building IA into systems deployed to operational environments.
• Conduct Risk Assessments, determine the risk to operations, and provide risk recommendations to the customer after reviewing a system’s overall risk posture as part of the Security Authorization (Authority to Operate) process.
• Create and review security authorization documentation and prepare plans of action and milestones based on the findings and recommendations of the security assessment report excluding any remediation actions taken for each system by working with various security stakeholders (ISSO / ISSE / ISSM / SCA) post authorization.
• Provide continuous ad hoc authorization-related daily support to both customer and programs.

divergent

Here’s what you’ll need :

• A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37 and familiarity with the ICD503, CNSSI1253, SP800-53, etc.
• Knowledge and experience in security disciplines including, but not limited to, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, information systems security, operations security, administrative security, personnel security, physical security, and communications security.
• Expert professional knowledge and experience of information systems security policies and practices, computer science, state-of-the-art security tools and applications, and a thorough knowledge of IT.
• Experience implementing the Risk Management Framework with the ICD 503 and CNSSI 1253 Security Controls.
• Experience in conducting Risk Assessments and developing realistic and comprehensive recommendations and mitigation plans.
• Working knowledge of system security design process, defense -in-depth / breadth, engineering life cycle, information domains, cross-domain solutions, controlled interfaces, and the principles of IA.
• Attendance is always critical. Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements.

Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.

• Must be able to communicate effectively both verbally and in writing.
• Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.
• Must be able to interface with individuals at all levels of the organization both verbally and in writing.
• Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously.
• Must work well under pressure to meet deadline requirements.
• Must take and pass a drug test and background check as well as a motor vehicle records check.

Clearance Required :

TS / SCI with Poly

Minimum Education :

• A Bachelor’s degree in Computer Science, Information Technology Engineering, or a related field may be substituted for four (4) years’ experience
• DoD 8570.1 compliant IAM Level III certification, such as the GSLC, CAP, CASP, CISM and / or CISSP will be accepted.

Minimum Years of Experience :

Twelve (12) years of related work experience in the field of security authorization.

Preferred :

• Previous work experience as one of the following :
• Information Systems Security Engineer,
• Information Systems Security Officer,
• Information Systems Security Manager, or Delegated Authorizing Official
• Experience briefing senior customer personnel
• Should have experience working with the XACTA IA Manager.
• Should be highly analytical and effectively able to troubleshoot and prioritize needs, requirements, and other issues.
• Should be committed to continuous learning and system development because of the constant developing nature of cyber-attacks.
• Should have the ability to quickly learn new concepts, data formats, and software.
• Should be a self-motivated, independent, detail oriented, responsible team player, and exhibit exceptional relationship management skills.
6 days ago