K2 Group, Inc.
INFORMATION SYSTEMS AUDITOR
K2 Group, Inc., Virginia, Minnesota, United States, 55792
This is a contingent opportunityConducts technical cyber and communications vulnerability assessments of computer networks, other technology (OT) systems telecommunications and other communications systems.Duties:Perform oversight of the development, implementation and evaluation of IS security program policy; special emphasis placed upon integration of existing network infrastructure.Advise the Information System Owner (ISO), Information Data Owner (IDO), Program Security Officer (PSO), and the Delegated and/or Authorizing Official (DAO/AO) on any assessment and authorization issues.Evaluate Authorization packages and make recommendations to the AO and/or DAO for authorization.Evaluate IS threats and vulnerabilities to determine whether additional safeguards are required.Advise the Government concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system.Ensure security assessments are completed and results documented and prepare the Security Assessment Report (SAR) for the Authorization boundary.Initiate a Plan of Action and Milestones (POA&M) with identified weaknesses for each Authorization Boundaries assessed, based on findings and recommendations from the SAR.Evaluate security assessment documentation and provide written recommendations for security authorization to the Government.Discuss recommendations for authorization and submit the security authorization package to the AO/DAO.Assess proposed changes to Authorization boundaries operating environment and mission needs to determine the continuation to operate.Review and concur with all sanitization and clearing procedures in accordance with Government guidance and/or policy.Assist the Government compliance inspections.Assist the Government with security incidents that relate to cybersecurity and ensure that the proper and corrective measures have been taken.Ensure organizations are addressing and conducting all phases of the system development life cycle (SDLC).Evaluate Hardware and Software to determine security impact that it might have on Authorization boundaries.Evaluate the effectiveness and implementation of Continuous Monitoring Plans.Represent the customer on inspection teams.Experience:5 - 7 years related experience.Minimum of three (3) years’ experience in SAP, SCI or Collateral Information Systems (IS) Security and the implementation of regulations identified in the description of duties.Prior performance in the role of ISSO and ISSM.Education:Possess a Bachelor's degree in a Computer Science, Computer Engineering, Electrical Engineering, or a related technical discipline. In lieu of a degree, commensurate operational experience may be substituted.Certifications:Possess IAT Level II certifications and CSSP Analyst computing environment certification as defined and described in Joint Publication 3-13 Information Operations and 3-12 Cyberspace Operations, DoDI 8500.1 and DoD 8570.01 and 8570.01-M.Other Requirements:Possess a working knowledge of computer network architecture and network diagramming.Possess a working knowledge of Computer Network vulnerability/compliance analysis software.(Desired) Prior experience supporting DoD Nuclear Command, Control & Communications (NC3) and Defense Critical Infrastructure (DCI).Additional Requirements:Accept worldwide deployments which include high threat permissive areas presenting some risks to personal safety.Submit to immunization for worldwide travel.Security Clearance:Current Top Secret clearance with SCI eligibility.Benefits:K2 Group’s benefit offerings include: Medical/ Dental/ Vision Insurance; FSA Medical & FSA Dependent Care; Pre-tax 401(k) & ROTH 401(k) plans; Profit Sharing Plan; Life & Accidental Death Insurance; Short Term/ Long Term Disability; Voluntary Group Life Insurance option; Tuition Reimbursement; Job-related Course Reimbursement; Holiday Pay; and Paid Time-Off.
#J-18808-Ljbffr
#J-18808-Ljbffr