search
backpage.com > Columbia jobs > Columbia computer/technical

Posted: Tuesday, March 21, 2017 5:43 AM

Apply Online
Security Engineer Information Assurance Analyst - 1

Title: Security Engineer Information Assurance Analyst

Function in the Cyber Security Practice: Support commercial and government customer task orders for security services.

Description:

Primary responsibility to provide "Assessment & Authorization" (A&A) support of large scale federal IT systems for the purpose of obtaining and/or maintaining Authority to Operate (ATO) certification. These assessments include the use of various technical tools to assess a target systems capabilities, deficiencies, and vulnerabilities; review of technical and administrative documentation; discussion and interviews with responsible system personnel; analyzing and assessing various data points to identify the risk associated with an assessed system; providing written documentation and assessment for each assigned system.

Responsibilities:

Support the Assessment and Authorization (A&A) Risk Management Framework process for managed systems, networks, and enclaves

Provide direct support in development of other A&A related systems bodies of evidence in accordance with current NIST and RMF guidance, using the government provide A&A tool (e.g. CSAM)

Provide security engineering assessments of proposed IT solutions

Perform, participate and support all assessment and authorization (A&A) efforts for systems, networks, and applications (all security domains) IAW provided requirements

Develop all security documentation required to obtain an ATO in accordance with the RMF requirements and procedures

Develop, update, review, analyze and submit RMF and FISMA requirements

Report (consistently and accurately) IA security requirements

Review documentation with a focus on Assessment and Authorization (A&A) and IA security

Review proposed changes to systems and evaluate the impacts of those changes to the Authority to Operate (ATO)


Required General Skills:

Excellent verbal and written communication skills, including technical/non-technical communication, documentation and presentations

Strong planning, organization and time management skills with the ability to handle multiple projects with minimal direct supervision

Ability to work independently, develop and follow a work plan, meet project milestones, and interact with various levels of management

Energetic team player with strong initiative, team orientation, and excellent problem solving skills



Knowledge & Technical Skills:

Proficient with Risk Management Framework (RMF) process, NIST SP 800-37, NIST SP 800-53

Ability to conduct comprehensive security assessments to identify architectural and implementation weaknesses and determine compliance with regulatory compliance requirements

Development of
Learn more

Columbia, MD Location preference is in the National Capital Region (Columbia MD) but it could be any where (Remote)
Zip code: 21044

Function in the Cyber Security Practice: Support commercial and government customer task orders for security services.

Description:

Primary responsibility to provide "Assessment & Authorization" (A&A) support of large scale federal IT systems for the purpose of obtaining and/or maintaining Authority to Operate (ATO) certification. These assessments include the use of various technical tools to assess a target systems capabilities, deficiencies, and vulnerabilities; review of technical and administrative documentation; discussion and interviews with responsible system personnel; analyzing and assessing various data points to identify the risk associated with an assessed system; providing written documentation and assessment for each assigned system.

Responsibilities:

Support the Assessment and Authorization (A&A) Risk Management Framework process for managed systems, networks, and enclaves

Provide direct support in development of other A&A related systems bodies of evidence in accordance with current NIST and RMF guidance, using the government provide A&A tool (e.g. CSAM)

Provide security engineering assessments of proposed IT solutions

Perform, participate and support all assessment and authorization (A&A) efforts for systems, networks, and applications (all security domains) IAW provided requirements

Develop all security documentation required to obtain an ATO in accordance with the RMF requirements and procedures

Develop, update, review, analyze and submit RMF and FISMA requirements

Report (consistently and accurately) IA security requirements

Review documentation with a focus on Assessment and Authorization (A&A) and IA security

Review proposed changes to systems and evaluate the impacts of those changes to the Authority to Operate (ATO)


Required General Skills:

Excellent verbal and written communication skills, including technical/non-technical communication, documentation and presentations

Strong planning, organization and time management skills with the ability to handle multiple projects with minimal direct supervision

Ability to work independently, develop and follow a work plan, meet project milestones, and interact with various levels of management

Energetic team player with strong initiative, team orientation, and excellent problem solving skills



Required Experience, Knowledge and Skills:



1. Proficient with Risk Management Framework (RMF) process, NIST SP 800-37, NIST SP 800-53

2. Ability to conduct comprehensive security assessments to identify architectural and implementation weaknesses and determine compliance with regulatory compliance requirements

3. Development of remediation plans

4. Evaluation of the ability of security technologies to meet customer requirements

5. Knowledge and experience with interpreting reports generated from commercial and open source security tools including network/database/web application vulnerability scanners, configuration audit tools, exploitation frameworks

6. Strong familiarity with government and industry regulations and standards regarding information assurance and cyber security (e.g. FISMA, DITSCAP/DIACAP, STIGS, NIST, HIPAA, GLBA, etc.)

7. 7 years in experience in Cybersecurity area

8. 3-5 years Certification and Accreditation/ Assessment and Authorization

9. Project management work experience a plus

10. Bachelors Degree in Computer Science or related field is preferred

11. An industry recognized security certification is required (i.e. CISSP, CISSP-Associate, CISA, Security+ CE, CCNA-Security, GSEC, SSCP, CAP, CASP, CISM, GLSC, CSSLP)

12. Clearances are preferred but not required.

13. Travel: Up to 25% required

14. Present Salary

15. Salary Expectation

16. Must be a US Citizen or Green Card holder.

Apply Online

or contact us at bp+19353746@jobvertise.com


• Location: Columbia

• Post ID: 16556952 columbia
columbia.backpage.com is an interactive computer service that enables access by multiple users and should not be treated as the publisher or speaker of any information provided by another information content provider. © 2017 backpage.com