This individual will be responsible for assisting project teams in shepherding enterprise systems of varying complexity (to include cross domain solutions) through the Sponsors system A&A processes, will create A&A documentation and will work closely with software development teams to ensure software solutions are developed and configured according to current security guidelines in an effort to streamline successful system accreditation. This individual will serve as the primary interface between project teams and security managers to ensure and maintain a positive working relationship. This individual will brief the Sponsor for input/approval of new efforts as necessary.
***** All positions require a Active (TS/SCI) Clearance with a Polygraph to be considered *****
Bachelor's Degree in a Computer Science, Engineering or Information Security related field.
Demonstrated on-the-job experience as a Information System Security Engineer, Cyber Security Engineer or related discipline ensuring security requirements are integrated into information systems through purposeful security architecting, design, development, and configuration.
Demonstrated experience generating, reviewing, editing all forms of A&A Body of Evidence(BOE) documentation to include System Security Plans, Privileged User Guides, General User Guides, Security Control Traceability Matrix, Addendum's, Configuration Management Plans.
Knowledge of security assessment scanning tools (such as Nessus, WebInspect) commonly used as part of the A&A effort.
Demonstrated experience securing systems in preparation for A&A activities to include lock down scripts and custom mitigations such as specific application security.
Demonstrated experience leading system risk assessment audits and reviews.
Demonstrated experience correcting specific security issues for systems that did not achieve A&A.
Demonstrated experience leading and managing successful A&A of a cross domain solution, high-to-low/low-to-high.
Master's Degree in Information Technology or related field.
Certification Requirements: CISSP, ITIL, PMP