NRS Information Assurance Systems Security Officer/Engineer with Security Clearance

---

Job description

Information Assurance Systems Security Officer/Engineer Location: Chantilly, VA Clearance: TS/SCI Our great client is a Service-Disabled Veteran-Owned Small Business (SDVOSB) with a vision to become the trusted information technology advisors to our clients while providing superior, cost effective service. Our reputation lies in building lasting relationships with our clients and a focus on delivering value in all we do. Our great client is currently a prime contract holder with the NGA, DLA, DIA, USDA, Coast Guard and many more Program Description: Defense Intelligence Agency (DIA) is an intelligence agency of the United States federal government, specializing in defense and military intelligence. This program will be contributing to the design, development, implementation, operational sustainment, and continual improvement of IT Service Management (ITSM) capabilities, such as ServiceNow, to optimize the efficiency and effectiveness of service delivery to DIA customers stakeholders and end-users. Job Description: Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies
Validate and verify system security requirements definitions and analysis and establishes system security designs
Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements
Build IA into systems deployed to operational environments
Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions
Support the building of security architectures
Enforce the design and implementation of trusted relations among external systems and architectures
Assess and mitigate system security threats/risks throughout the program life cycle
Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
Review Assessment and Authorization (A&A) documentation, providing feedback on completeness and compliance of its content
Perform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems
Apply system security engineering expertise in one or more of the following to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing.
Advocate and recommend system-level solutions to resolve security requirements.
Monitor and suggest improvement to IA policy.
Interact with customers, IT staff, and high-level corporate officers to define and achieve required IA objectives.
Provide the Government assistance to ensure that the architecture and design of information systems are functional and secure, including program of record systems and special purpose environments with platform IT interconnectivity.
Provide expert guidance and work product evaluation to one or more security engineers that support Engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments.
Minimum Experience: IA SAE II (CASP+, CISSP, CSSLP)
5+ years of experience as an ISSO.
Experience with managing systems through the A&A process including development, review and updates of Body of Evidence artifacts in the accreditation package, development of System Security Plan (SSP), Security Test Plan (STP), Interconnection Security Agreements (ISA) and Security Controls Traceability Matrix (SCTM)
Experience with the RMF process including obtaining and maintaining the Authority to Operate (ATO) for IT systems.
Experience managing SPIDs in Xacta.
Experience with IA Vulnerability Management, including ACAS scanning and patching.
Experience with ICD 503, CNSSI 1253 and NIST 800-53 security controls
Desired: security experience with C2S and UC2S cloud environments
Desired: security experience with DIA's RMF plus process
Excellent listening, interpersonal, written, and oral communication skills
Highly self-motivated and directed Ability to effectively prioritize and execute tasks while under pressure
Strong customer service orientation
Experience working in a team-oriented, collaborative environment
Education Requirement: High School Diploma/ GED
Associates Degree
Bachelors Degree +8
Masters Degree +6

<!– job description page –>