Duties and Responsibilities:
The selected candidate shall provide support to the designated Information System Security Officer (ISSO) to ensure customer systems maintain their Authority to Operate (ATO) with a security posture in accordance with DHS 4300A and NIST SP guidance.
This support shall include providing IT security assessment and IT security audit functions to ensure FISMA compliance; supporting the development and maintenance of documentation for Certification & Accreditation (C&A) as required by the Federal Information Security Management Act (FISMA); ensuring all C&A and system security documentation is kept up to date; and ensuring systems meet all security requirements mandated by DHS 4300A and DHS Management Directives.
Follow the Information Systems Security Officer (ISSO) Guide, V10, when developing, updating, or reviewing required security artifacts in the Xacta Information Assurance Manager.
Implement Intrusion Detection Systems and Public Key Infrastructure, and prepare security-related documentation for all phases of Security Life Cycle Management.
Ensure proper access controls are implemented for both system access and physical access to data processing facilities.
Create, update and assess compliance of system Authority to Operate (ATO) packages.
Provide information security expertise to system development teams throughout the System Engineering Lifecycle process.
Ensure Plan of Action & Milestone (POA&M) reports are maintained and that security vulnerabilities are tracked and remediated.
Education and Experience:
Typically requires a B.S. degree and a minimum of 5 years of related experience in information security.
Five years' experience with security programs, policy development, security life cycle management, and security risk assessment.
Ability to obtain DHS EOD suitability or current DHS EOD preferred.
Any DoD 8570-approved baseline certifications (e.g., CISSP, CEH, CAP, CISM).
Normal demands associated with an office environment. Ability to work on a computer for long periods and to communicate with individuals by telephone, email, and face to face.