Company Name: Knowledge Consulting Group
Job Reference ID: JS
Date: 11/6/09
Type: perm
Categories: I.T. & Communications - IT Security
Classification:
Location: Not Specified, VA-US
Zip Code: 20190
Experience:
Pay:
Bonus Range:

Job Description

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Top Secret or DHS clearance is required.

JOB RESPONSIBILITIES:
- Develop, update, and maintain appropriate C&A packages based on NIST standards for general support systems and major applications.
- Recommend appropriate FIPS 199 impact level designations and identify appropriate security controls based on characterization of the general support system or major application.
- Develop and maintain POA&M for all accepted risks upon completion of system C&A.
- Assist the government with developing a network of public and private sector organizations capable of providing cost effective, quality, system and network security assessment and certification based on unified federal guidelines and procedures.
- Integrate with a team of skilled information technology security professionals demonstrating competence in the application of the system certification guidelines and procedures.
- Work with RMS and Trusted Agent FISMA to develop C&A related documentation and track POA&M and vulnerability status.

REQUIREMENTS:
- Must possess 2 years dedicated information assurance/cyber security experience. B.S. Degree in a related field required but may be substituted with 4 additional years of security related experience.
- Ability to and interest in providing support and guidance to System Owners through the four phases of C&A, including monitoring C&A artifact compliance, annual self-assessment (NIST 800-53A) completion, vulnerability scans, annual contingency plan testing, and POA&M management. Must possess experience with FISMA.
- Ability to work effectively in a team management environment and participate in collaborative initiatives which foster the mutual exchange of knowledge and expertise.
- Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
- Ability to communicate effectively orally and in writing to build and maintain customer satisfaction and express conclusions in a clear, technically sound manner on matters associated with IT security.
- Experience with developing Security Test and Evaluation Plans and analysing the results of security test activities to evaluate the existence and effectiveness of 800-53 security controls.

DESIRED SKILLS:
- Working knowledge of the Trusted Agent FISMA tool (TAF) and the Risk Management System (RMS)
- Awareness of current information security issues and the ability to interpret the requirements of relevant policies and standards set forth in NIST documentation, specifically, 800-37, 800-53A, FIPS-199/200, and 800-30
- Knowledge of NIST in regards to how it applies to FISMA reporting
- Above average skills in MS Excel, and MS Access (to include ability to write macros, and/or code)
- CAP (Certification and Accreditation Professional)
- CISSP (Certified Information System Security Professional)