- Recertify and Reaccredit a portion of the Network for the client per FISMA requirements.
- The IT Security Specialist shall have six years of experience in the Federal and NIST based certification and accreditation process in accordance with NIST 800-37.
- Must have hands on experience with the following:
- Writing system security plan in accordance with NIST 800-18 Rev. 1.
- Developing Risk Assessment reports in accordance with NIST 800-30.
- Contingency Plan development and testing.
- Vulnerability scanners such as Nessus, WebInspect, AppDetective and/or ISS or Foundstone.
- Writing ST&E and conducting security test and evaluations for major applications and general support systems (GSS).
- Required certifications CISSP or CAP.
Job Openings @AML.ms
Wednesday, July 23, 2008
C&A Consultant, Washington DC
We have a short term opportunity and need a couple of candidates for some C&A work in the DC metro area.
Tuesday, July 22, 2008
ArchSight Admin, Arlington VA
ArchSight Admin to work from Leesburg, CS bachelors, 5 years experience with Archsight, or 10 years total experience, Secret clearance.
Wednesday, July 9, 2008
Single Sign-on/CIdM Senior Business Analyst, Washington , DC
Description of Duties:
To support the requirements and project analysis of the Cyber Identity Management in the areas of capability, capacity, performance, use cases, and operations etc.
Activities include:
1) Collect business and technical requirements from all stakeholders and analyze requirements with architects and engineers to finalize the best approaches and solutions to implement an enterprise-wide Cyber Identity Management system including HSPD-12, PKI, Biometrics, and Single Sign-on services; 2) Ensure the solutions adhere to DHS Enterprise Architecture standards and other applicable DHS standards; 3) Help establish a framework to guide the design of the SSO/CIdM solutions and implementation approaches; 4) Ensure information assurance requirements, procedures, processes, techniques, and technologies are addressed and applied throughout the System Development Life Cycle, Systems Assurance process, IT architecture development process, Configuration Management, and IT operations processes and procedures; 5) Produce product-specific analysis and testing results documents and use cases; 6) Research, evaluate, acquire, implement, and integrate single sign-on security tools; 7) Understanding the nature of organizational systems and applications to determine the level of protection needed and the level of risk that can be tolerated; 8) Working with Program Offices and Other Components within ICE and DHS to ensure business requirements and processes are fully integrated into the CIdM design and implementation; 9) Conduct cost and ROI analysis to clearly demonstrate risks, benefits, and trade-offs to facilitate decision-making process; 10) Devise configuration management and maintain change control processes;
Qualifications:
1. Active DoD Secret clearance or above; preferably current DHS/ICE clearance
2. Over 10 years of experience in IT with at least 7 years specifically in the analyst role for project and/or business operations
3. Excellent understanding of project lifecycle management especially in the requirement collection, analysis, and maintenance areas
4. Excellent analytical skills with good understanding in project financial and return on investment analysis
5. Excellent writing, oral communication, and people skills
6. Excellent in mapping organization's missions, goals, and policies into strategies, plans, and tangible deliverables
7. Sensitive to organizational culture issues and is able to work through and out of the difference and produce results
8. Good understanding of the requirements of HSPD-12
9. General understanding of Cyber Identity Management based on Public Key Infrastructure (PKI) with its concept, lifecycle, applications, and operations
10. General understanding of the concept and technologies of Single Sign-on
11. Good understanding of federal Enterprise Architecture reference model
12. An independent thinker and self-motivated worker yet work well in a team-oriented environment
Clearances/Certifications necessary: US Citizen, Clearable for DHS Public Trust Clearance
Location: 1120 Vermont Avenue, Washington , DC 20005
To support the requirements and project analysis of the Cyber Identity Management in the areas of capability, capacity, performance, use cases, and operations etc.
Activities include:
1) Collect business and technical requirements from all stakeholders and analyze requirements with architects and engineers to finalize the best approaches and solutions to implement an enterprise-wide Cyber Identity Management system including HSPD-12, PKI, Biometrics, and Single Sign-on services; 2) Ensure the solutions adhere to DHS Enterprise Architecture standards and other applicable DHS standards; 3) Help establish a framework to guide the design of the SSO/CIdM solutions and implementation approaches; 4) Ensure information assurance requirements, procedures, processes, techniques, and technologies are addressed and applied throughout the System Development Life Cycle, Systems Assurance process, IT architecture development process, Configuration Management, and IT operations processes and procedures; 5) Produce product-specific analysis and testing results documents and use cases; 6) Research, evaluate, acquire, implement, and integrate single sign-on security tools; 7) Understanding the nature of organizational systems and applications to determine the level of protection needed and the level of risk that can be tolerated; 8) Working with Program Offices and Other Components within ICE and DHS to ensure business requirements and processes are fully integrated into the CIdM design and implementation; 9) Conduct cost and ROI analysis to clearly demonstrate risks, benefits, and trade-offs to facilitate decision-making process; 10) Devise configuration management and maintain change control processes;
Qualifications:
1. Active DoD Secret clearance or above; preferably current DHS/ICE clearance
2. Over 10 years of experience in IT with at least 7 years specifically in the analyst role for project and/or business operations
3. Excellent understanding of project lifecycle management especially in the requirement collection, analysis, and maintenance areas
4. Excellent analytical skills with good understanding in project financial and return on investment analysis
5. Excellent writing, oral communication, and people skills
6. Excellent in mapping organization's missions, goals, and policies into strategies, plans, and tangible deliverables
7. Sensitive to organizational culture issues and is able to work through and out of the difference and produce results
8. Good understanding of the requirements of HSPD-12
9. General understanding of Cyber Identity Management based on Public Key Infrastructure (PKI) with its concept, lifecycle, applications, and operations
10. General understanding of the concept and technologies of Single Sign-on
11. Good understanding of federal Enterprise Architecture reference model
12. An independent thinker and self-motivated worker yet work well in a team-oriented environment
Clearances/Certifications necessary: US Citizen, Clearable for DHS Public Trust Clearance
Location: 1120 Vermont Avenue, Washington , DC 20005
Single Sign-on/CIdM Information Systems Security Officer, Washington , DC
Description of Duties:
To develop, implement, and maintain a Certification and Accreditation (C&A) program to support Cyber Identity Management (CIdM) systems and services.
Activities include:
1) Managing and mitigating risks associated with CIdM information systems; 2) Providing guidance and technical direction in support of risk management, certification and accreditation (C&A), FISMA, and various oversight audits; 3) Facilitating interactions with the appropriate DAA, ISSO, and other relevant parties, the risk management activities for CIdM Systems; 4) Preparing acceptable C&A documentation: System Security Plans (SSP), Risk Assessments, Security Operating Procedures or Guides, Security Test and Evaluations (ST&E) Test Plans (Pre-Operational and Operational), ST&E Test Plan Results Reports, Contingency Plans (CP), CP Test Plans and Results, Inter-Agency Security Agreements (ISA) and Rules of Behavior; 5) Preparing and submit Security Evaluation Reports (SERs) for Certification Official review and approval and submission to the appropriate DAA for the accreditation decision; 6) Provide expert Information Assurance (IA) input throughout the Systems Lifecycle Management (SLM)
Qualifications:
Required:
1. Active DoD Secret clearance or above; preferably current DHS/ICE clearance
2. Over 10 years of experience in IT with at least 5 years specifically in the Information Security area
3. Excellent understanding of the requirements, methodologies, documentation, and coordination of completing FISMA compliance by following NIST publications
4. Excellent understanding of how to integrate information security requirements into the System Development Lifecycle (SDLC) preferably by following NIST 800-64
5. Excellent writing and oral communication skills
6. Good understanding of Cyber Identity Management based on Public Key Infrastructure (PKI) with its concept, lifecycle, applications, and operations
7. Good understanding of the requirements of HSPD-12
8. General understanding of the concept and technologies of Single Sign-on
9. An independent thinker and self-motivated worker yet work well in a team-oriented environment
Desired:
1. CISSP certification desirable but not required.
Clearances/Certifications necessary: US Citizen, Clearable for DHS Public Trust Clearance
Location: 1120 Vermont Avenue, Washington , DC 20005
Team Size: 25 Team members
Start Date: ASAP
Duration: 6 months to permanent
To develop, implement, and maintain a Certification and Accreditation (C&A) program to support Cyber Identity Management (CIdM) systems and services.
Activities include:
1) Managing and mitigating risks associated with CIdM information systems; 2) Providing guidance and technical direction in support of risk management, certification and accreditation (C&A), FISMA, and various oversight audits; 3) Facilitating interactions with the appropriate DAA, ISSO, and other relevant parties, the risk management activities for CIdM Systems; 4) Preparing acceptable C&A documentation: System Security Plans (SSP), Risk Assessments, Security Operating Procedures or Guides, Security Test and Evaluations (ST&E) Test Plans (Pre-Operational and Operational), ST&E Test Plan Results Reports, Contingency Plans (CP), CP Test Plans and Results, Inter-Agency Security Agreements (ISA) and Rules of Behavior; 5) Preparing and submit Security Evaluation Reports (SERs) for Certification Official review and approval and submission to the appropriate DAA for the accreditation decision; 6) Provide expert Information Assurance (IA) input throughout the Systems Lifecycle Management (SLM)
Qualifications:
Required:
1. Active DoD Secret clearance or above; preferably current DHS/ICE clearance
2. Over 10 years of experience in IT with at least 5 years specifically in the Information Security area
3. Excellent understanding of the requirements, methodologies, documentation, and coordination of completing FISMA compliance by following NIST publications
4. Excellent understanding of how to integrate information security requirements into the System Development Lifecycle (SDLC) preferably by following NIST 800-64
5. Excellent writing and oral communication skills
6. Good understanding of Cyber Identity Management based on Public Key Infrastructure (PKI) with its concept, lifecycle, applications, and operations
7. Good understanding of the requirements of HSPD-12
8. General understanding of the concept and technologies of Single Sign-on
9. An independent thinker and self-motivated worker yet work well in a team-oriented environment
Desired:
1. CISSP certification desirable but not required.
Clearances/Certifications necessary: US Citizen, Clearable for DHS Public Trust Clearance
Location: 1120 Vermont Avenue, Washington , DC 20005
Team Size: 25 Team members
Start Date: ASAP
Duration: 6 months to permanent
Sr. Security Risk Analyst (x2), Washington , DC
JOB DESCRIPTION:
Scope: Responsible for verifying the integrity of compliance and oversight program duties, including risk management, certification and accreditation, vulnerability and threat analysis, FISMA compliance, and other security activities for a large scale Federal organization. Responsible for conducting evaluation and analysis of artifacts and conducting automated tests. Responsible for developing test scripts and implementing them for automated systems and general support systems. Ensures compliance with government and company security policies and procedures. Reviews and investigates non-compliance issues. Responsible for designing, developing or recommending integrated security system solutions that will ensure proprietary/confidential data and systems are protected. Coordinates the activities of a section or department with responsibility for results in terms of costs, methods used, and employees. Provides technical engineering services for the support of integrated security systems and solutions. Participates with the client in the strategic design process to translate security and business requirements into technical designs. Configures and validates secure systems and tests security products and systems to detect security weakness. Works on problems of diverse scope. May be responsible for the technical direction, leadership, and training of less experienced staff. Ensures project schedules and performance requirements are met. Contributes to the development of organization's goals and objectives. Regularly interacts with customer and/or functional per group managers. May interact with senior management. Interactions normally involve matters between functional areas, other company divisions or units, or customers and the company.
REQUIRED EDUCATION/SKILLS:
BS degree in Computer Science or related field plus 8+ years related work experience. Superior writing and analytical skills. Knowledge of Federal Government security management, operational, and technical requirements. U.S. Citizenship required and the ability to obtain and U.S. Public Trust Suitability and Top Secret Clearance.
DESIRED SKILLS:
Master's Degree, CISSP or equivalent certification.
Clearances/Certifications necessary: US Citizen, Clearable for DHS Public Trust Clearance
Location: 1120 Vermont Avenue, Washington , DC 20005
Start Date: ASAP
Scope: Responsible for verifying the integrity of compliance and oversight program duties, including risk management, certification and accreditation, vulnerability and threat analysis, FISMA compliance, and other security activities for a large scale Federal organization. Responsible for conducting evaluation and analysis of artifacts and conducting automated tests. Responsible for developing test scripts and implementing them for automated systems and general support systems. Ensures compliance with government and company security policies and procedures. Reviews and investigates non-compliance issues. Responsible for designing, developing or recommending integrated security system solutions that will ensure proprietary/confidential data and systems are protected. Coordinates the activities of a section or department with responsibility for results in terms of costs, methods used, and employees. Provides technical engineering services for the support of integrated security systems and solutions. Participates with the client in the strategic design process to translate security and business requirements into technical designs. Configures and validates secure systems and tests security products and systems to detect security weakness. Works on problems of diverse scope. May be responsible for the technical direction, leadership, and training of less experienced staff. Ensures project schedules and performance requirements are met. Contributes to the development of organization's goals and objectives. Regularly interacts with customer and/or functional per group managers. May interact with senior management. Interactions normally involve matters between functional areas, other company divisions or units, or customers and the company.
REQUIRED EDUCATION/SKILLS:
BS degree in Computer Science or related field plus 8+ years related work experience. Superior writing and analytical skills. Knowledge of Federal Government security management, operational, and technical requirements. U.S. Citizenship required and the ability to obtain and U.S. Public Trust Suitability and Top Secret Clearance.
DESIRED SKILLS:
Master's Degree, CISSP or equivalent certification.
Clearances/Certifications necessary: US Citizen, Clearable for DHS Public Trust Clearance
Location: 1120 Vermont Avenue, Washington , DC 20005
Start Date: ASAP
Sr. Security Policy Analyst
POSITION OVERVIEW:
Provide guidance and technical direction in support of the development and promulgation of IT Security policy and guidance and ICE Supplemental Guidance for SBU and NSS systems. Perform extensive review of IT security policy and system compliance with security certification and accreditation (C) requirements and NIST 800-53A Controls established by the DHS Chief Information Security Officer and higher authority. Evaluate new and proposed IT Security policy changes and ensure discussion among interested parties. Participate in ICE, DHS and other government working groups as appropriate and communicate all policy concerns to OCIO and IAD. Develop and maintain an extensive list of ICE waivers and exceptions as appropriate.
REQUIRED EDUCATION:
Bachelors degree or 6 years experience in lieu of degree and 8+ years related work experience.
REQUIRED EXPERIENCE:
Must have superior writing skills and excellent MS Project and Excel skills. Outstanding verbal communication skills are required and experience interviewing mid to senior level federal employees regarding detailed aspects of major IT program elements. Experience briefing senior personnel on a wide range of IT security policy issues and technologies. Demonstrated motivation to learn new skills and improve on existing ones while supporting a highly visible program within a major federal agency. Familiarity with established IT security principles and government documents and programs such as the Federal Information Security Management Act (FISMA), DITSCAP, NIACAP, DIACAP, and NIST accreditation requirements and guidelines. U.S. Citizenship is a must and the ability to obtain a U.S. Public Trust Suitability.
DESIRED SKILLS:
Experience working on DHS or other government contracts; active secret clearance is a plus.
Clearances/Certifications necessary: US Citizen, Clearable for DHS Public Trust Clearance
Location: 1120 Vermont Avenue, Washington , DC 20005
Team Size: 25 Team members
Start Date: ASAP
Provide guidance and technical direction in support of the development and promulgation of IT Security policy and guidance and ICE Supplemental Guidance for SBU and NSS systems. Perform extensive review of IT security policy and system compliance with security certification and accreditation (C) requirements and NIST 800-53A Controls established by the DHS Chief Information Security Officer and higher authority. Evaluate new and proposed IT Security policy changes and ensure discussion among interested parties. Participate in ICE, DHS and other government working groups as appropriate and communicate all policy concerns to OCIO and IAD. Develop and maintain an extensive list of ICE waivers and exceptions as appropriate.
REQUIRED EDUCATION:
Bachelors degree or 6 years experience in lieu of degree and 8+ years related work experience.
REQUIRED EXPERIENCE:
Must have superior writing skills and excellent MS Project and Excel skills. Outstanding verbal communication skills are required and experience interviewing mid to senior level federal employees regarding detailed aspects of major IT program elements. Experience briefing senior personnel on a wide range of IT security policy issues and technologies. Demonstrated motivation to learn new skills and improve on existing ones while supporting a highly visible program within a major federal agency. Familiarity with established IT security principles and government documents and programs such as the Federal Information Security Management Act (FISMA), DITSCAP, NIACAP, DIACAP, and NIST accreditation requirements and guidelines. U.S. Citizenship is a must and the ability to obtain a U.S. Public Trust Suitability.
DESIRED SKILLS:
Experience working on DHS or other government contracts; active secret clearance is a plus.
Clearances/Certifications necessary: US Citizen, Clearable for DHS Public Trust Clearance
Location: 1120 Vermont Avenue, Washington , DC 20005
Team Size: 25 Team members
Start Date: ASAP
Subscribe to:
Posts (Atom)