• Bachelor’s Degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline.
• 12+ years total experience, of which nine (9) years explicitly performing Accreditation and Authorization (A&A) / Certification and Accreditation (C&A);
• Previous experience leading/supervising Information System Security Officers (ISSOs) and Security Control Assessors in performing A&A / C&A activities;
• Working knowledge of US Government security regulations and methodologies, FISMA, FedRAMP, and NIST special publications;
• Applied knowledge of Information Systems Security Officer (ISSO) C&A/A&A activities;
• Applied knowledge of performing security control assessment and testing as Security Control Assessor;
• General technical knowledge of mainstream operating systems (Microsoft Windows, UNIX and Linux), system design/development, and network architecture.
• Excellent self-motivation, time management, teamwork, and client service skills;
• Excellent oral and written communication skills including the ability to convey complex technical information to individuals or groups in an effective manner, listen to others and respond appropriately, and develop clear and accurate technical documentation;
• Good problem-solving skills including the ability to anticipate as well as identify problems, use sound judgment to generate and evaluate alternatives, and make recommendations.
Desirable additional experience
• Applied knowledge of performing privacy control assessment and testing;
• Cyber Security Assessment and Management (CSAM) experience.
The successful candidate will be able to:
• Support on-site CACI program management staff as appropriate;
• Lead a team of five (5) Information System Security Officers (ISSOs) and Security Control Assessors (SCAs);
• Delegate, direct, and supervise team member activities and tasks;
• Coordinate team activities with ITA government and contractor management personnel;
• Support ISSOs in development and management of relevant ISSO duties such as plan of actions and milestones (POAM), waiver requests, security guidelines and checklists for ITA systems/devices, and other ISSO duties as necessary;
• Support SCAs in relevant SCA duties such as system assessments, the development of authorization materials, and other SCA duties as necessary;
• Perform quality review of ISSO and SCA generated materials;
• Coordinate and interact with government and other contractor staff with technical understanding of systems and applications to ensure the A&A activities comprehensively apply to each individual system;
• Ensure A&A packages are complete and thoroughly documented in accordance with requisite federal requirements;
• Submit Authorization Packages for Certifying and Authorizing Official deliberation;
• Generate weekly activity summary reports;
• Develop and maintain A&A-related document templates;
• Develop and maintain A&A-related Standard Operating Procedures (SOPs);
• Maintain cooperative relationship with business partners or system stakeholders throughout ITA and other interconnected systems; and
• Advise system/information owners regarding security and risk considerations in applications systems procurement or development, implementation, operation and maintenance, and disposal activities (i.e. life cycle management), as needed.
• Maintain compliance with organizational security policies and government regulations.