Principal Duties and Responsibilities:
- Develop, update, and maintain appropriate Certification & Accreditation packages based on NIST standards for general support systems and major applications
- Recommend appropriate FIPS 199 impact level designations and identify appropriate security controls based on characterization of the general support system or major application
- Develop and maintain POA&M for all accepted risks upon completion of system C&A.
- Integrate with a team of skilled information technology security professionals demonstrating competence in the application of the system certification guidelines and procedures
- Able to provide support and guidance through the POA&M remediation process, C&A progress, including compliance monitoring of C&A artifacts, annual self-assessments (NIST 800-53), vulnerability scans.
- Awareness of current information security issues and the ability to interpret the requirements of relevant policies and standards set forth in NIST documentation, specifically, 800-37, 800-53, FIPS-199/200, and 800-30.
- Ability to communicate effectively orally and in writing to build and maintain customer satisfaction and express conclusions in a clear, technically sound manner on matters associated with information technology security.
- Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives. Develop, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.
- Provides complex engineering analysis and support for firewalls, routers, networks and operating systems. Performs and evaluates vulnerability scans within a multi-platform, large enterprise environment. Reacts to and initiates corrective action regarding security violations, attempts to gain unauthorized access, virus infections that may affect the network or other event affecting security.
- Oversees user access process to ensure operational integrity of the system. Enforces the information security configuration and maintains system for issuing, protecting, changing and revoking passwords.
- Develops technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines; develops, implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications.
- Performs complex product evaluations, recommends and implements products/services for network security. Validates and tests complex security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies.
- Reviews, recommends and oversees the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security.
- Provides complex technical oversight and enforcement of security directives, orders, standards, plans and procedures at server sites. Ensures system support personnel receive/maintain security awareness and training.
- Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
Other Skills/Qualifications (preferred/pluses):
- Possess security certifications (CISSP, CISM, etc.)
- Good communication skills
- Strong analytical and problem solving skills to troubleshoot and resolve network/operating system security issues
- Ability to perform and interpret vulnerability assessments
- Ability to administer the operations of a security infrastructure
- Ability to balance and prioritize work
- Bachelor's degree or equivalent combination of education and experience
- Three or more years of experience in network, host, data and/or application security in multiple operating system environments
- Demonstrate experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
- Demonstrated Experience working with internet, web, application and network security techniques and working with relevant operating system security (Windows, Solaris, Linux, etc.)
- Proven experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
- Demonstrated experience working with federal regulations related to information security (FISMA, Computer security Act, etc.) and with NIST Special Publications and C & A process methodology