Job Description :
JOB DESCRIPTION
Federate Systems is looking for a Systems Security Specialist to support one of our federal clients. Selected candidate will support scheduled OIG audits and compliance by providing coordination and guidance with agencies and System Owners. Provide necessary leadership, execution and support of compliance activities related to Federal Information Technology security mandates including but not limited to: Federal Information Management Security Act (FISMA), Federal Information System Control Audit Manual (FISCAM), Presidential Directives (PD) 63 and 67, Public Law 100-235, Office of Management and Budget (OMB) A-123, OMB A-127, and OMB A-130.
This position will be the lead for the Security Assessment Team. The IT Security Team is responsible for system security accreditation packages, incident response and managing the MTIPS solution.
JOB RESPONSIBILIIES:
Assist on investigative matters related to information security
Prepare scheduled FISMA reports
Conduct PO&AM reviews, oversight and reporting
Conduct Privacy Impact Assessments
Coordinate data collection, analysis and reporting for IT Security Data Calls, FOIA Requests and Incident reports
Perform security assessments
Manage the work of the Security Assessment Team (4-5 employees)
Develop, review and update Certification and Accreditation (C&A) packages and Authority to Operate (ATO) documentation for systems hosted and owned by client.
Maintain and manage the required systems security documentation on the DOL adopted DOJ - Cyber Security Assessment and Management (CSAM) system
Minimum documentation includes:
o System Categorization Worksheets (SCW)
o Privacy Impact Assessments (PIA)
o Security Control Assessments (SCA)
o System Security Plans (SSP)
o Risk Assessments (RA)
o Contingency Plans (CP) and testing
o FIPS 199 Security Categorization
o Security Control Test & Evaluation (SCT&E)
o Certification
o Disposition plans
Support process, technical and R&D activities
Prepare and submit SAR responses
Annual and Quarterly Security Documentation review and testing
ATO certifications and re-certifications
Security Self Assessments (SSA)
Memoranda of Understanding (MOU)
Interconnection Security Agreement(s)
Assist system owners and representatives with use of CSAM as it pertains to the management of their system’s security documentation
Conduct reviews on Information Systems security documents on a quarterly basis for all hosted systems to minimally include:
o Plan of Action & Milestones (POA&Ms)
o Security Control Test & Evaluation (SCT&E)
o Review system security documentation
o Conduct System Owner training as requested
o Perform other duties assigned by leadership
REQUIRED EDUCATION, SKILLS AND EXPERIENCE:
At least five (5) year of relevant Security Assessment experience required
At least two (2) years of managerial experience required
At least five (5) years of experience performing A&A work
At least five (5 years of experience conducting FISMA,FISCAM, audits, as well as developing Systems Security Plans (SSP), Privacy Impact Assessments, Contingency Plans and certifications (ATO, C&A)
Knowledge of NIST Risk Management Framework
Excellent attention to detail capability
Excellent oral and written communication skills
Ability to work in a fast-paced, dynamic environment
Ability to interface with all levels of management
Ability to perform complex tasks with minimal supervision and guidance
Excellent time management, scheduling, and organizational skills
Ability to work well independently or in a team setting
Knowledge of Security Practices and processes
Working knowledge of Security Assurance, Controls and Compliance programs within the Federal space
Preferred Skills:
ECouncil – Certified Ethical Hacker (CEH)
PMI – Certified Project Manager Professional (PMP)
ISACA – Certified Information Security Manager (CISM)
ITIL v3 Foundation, IT Service Management (ITSM)
Knowledge of change management, COOP and disaster recovery, backup and recovery strategy and enterprise cloud
If interested, please submit your MS Word formatted resume for review to recruiter at .