NRS Information Assurance Systems Security Officer...

Information Assurance Systems Security Officer / Engineer

Location : Chantilly, VA

Clearance : TS / SCI

Our great client is a Service-Disabled Veteran-Owned Small Business (SDVOSB) with a vision to become the trusted information technology advisors to our clients while providing superior, cost effective service.

Our reputation lies in building lasting relationships with our clients and a focus on delivering value in all we do. Our great client is currently a prime contract holder with the NGA, DLA, DIA, USDA, Coast Guard and many more

Program Description :

Defense Intelligence Agency (DIA) is an intelligence agency of the United States federal government, specializing in defense and military intelligence.

This program will be contributing to the design, development, implementation, operational sustainment, and continual improvement of IT Service Management (ITSM) capabilities, such as ServiceNow, to optimize the efficiency and effectiveness of service delivery to DIA customers stakeholders and end-users.

Job Description :

• Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies
• Validate and verify system security requirements definitions and analysis and establishes system security designs
• Design, develop, implement and / or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection / classification requirements
• Build IA into systems deployed to operational environments
• Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions
• Support the building of security architectures
• Enforce the design and implementation of trusted relations among external systems and architectures
• Assess and mitigate system security threats / risks throughout the program life cycle
• Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
• Review Assessment and Authorization (A&A) documentation, providing feedback on completeness and compliance of its content
• Perform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems
• Apply system security engineering expertise in one or more of the following to : system security design process; engineering life cycle;
• information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification;
• authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling;

configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing.

• Advocate and recommend system-level solutions to resolve security requirements.
• Monitor and suggest improvement to IA policy.
• Interact with customers, IT staff, and high-level corporate officers to define and achieve required IA objectives.
• Provide the Government assistance to ensure that the architecture and design of information systems are functional and secure, including program of record systems and special purpose environments with platform IT interconnectivity.
• Provide expert guidance and work product evaluation to one or more security engineers that support Engineering teams for the design, development, implementation, evaluation, and / or integration of secure networking, computing, and enclave environments.

Minimum Experience :

• IA SAE II (CASP+, CISSP, CSSLP)
• 5+ years of experience as an ISSO.
• Experience with managing systems through the A&A process including development, review and updates of Body of Evidence artifacts in the accreditation package, development of System Security Plan (SSP), Security Test Plan (STP), Interconnection Security Agreements (ISA) and Security Controls Traceability Matrix (SCTM)
• Experience with the RMF process including obtaining and maintaining the Authority to Operate (ATO) for IT systems.
• Experience managing SPIDs in Xacta.
• Experience with IA Vulnerability Management, including ACAS scanning and patching.
• Experience with ICD 503, CNSSI 1253 and NIST 800-53 security controls
• Desired : security experience with C2S and UC2S cloud environments
• Desired : security experience with DIA’s RMF plus process
• Excellent listening, interpersonal, written, and oral communication skills

Highly self-motivated and directed

• Ability to effectively prioritize and execute tasks while under pressure
• Strong customer service orientation
• Experience working in a team-oriented, collaborative environment

Education Requirement :

• High School Diploma / GED +12
• Associates Degree +10
• Bachelors Degree +8
• Masters Degree +6
30+ days ago