SMS Data Products Group, Inc.
Senior Information Assurance Security Specialist
SMS Data Products Group, Inc., Springfield, Illinois, us, 62777
Senior Information Assurance Security Specialist
SMS Data Products Group, Inc. is seeking a Senior Information Assurance Security Specialist to join our team supporting the United States Coast Guard in Alexandria, VA. The Information Assurance Security Specialist is responsible for all Risk Management Framework (RMF) activities for implemented CDM technologies. You'll also work in a dynamic environment with other IA professionals using the latest technology.As a dynamic systems integrator, SMS offers proven solutions in engineering, operations, cybersecurity, and digital transformation. With expertise in modernizing and optimizing legacy infrastructure and systems, ensuring operational efficiency, and designing, implementing, and managing secure environments, SMS supports business and mission goals with proficiency, quality, and integrity.Responsibilities
Serve as senior member and representative of assigned team for meetings and efficiently lead internal resources to meet established milestones and targeted completion dates.Provide guidance, coaching, and training to employees of assigned team.Assist in Security Assessment & Authorization Coordination.Plan and conduct security authorization reviews of federal systems.Manage and review Accreditation Packages.Support USCG system accreditation and Ongoing Assessment and Ongoing Authorization processes and activities for assigned systems.Provide SME knowledge of Risk Management Framework (RMF) policy and application, NIST Security Controls, and Control Implementation methodologies for the A&A process.Review and provide guidance on System Security Plan, Security Assessment Report (SAR), and Plans of Action and Milestones and other security documentation.Support POA&M remediation activities and the review of POA&M closure documentation.Responsible for assessing and developing authorization packages for technical solutions that may require collaboration with internal expertise and deep analysis of the technical solution.Collaborate and communicate with parties within and outside of own job function, including customers and vendors.Understand and support Privacy Compliance Activities to include the review of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).Facilitate and monitor information assurance (IA) processes for new projects, including the development of security authorization packages and tracking progress for all Security Control implementations and Plans of Action and Milestones (POA&M).Support and/or develop all Security Authorization artifacts and documentation and assemble Authorization packages.Responsible for administration and adherence of the Risk Management Plan.Coordinate closely with the Quality Assurance Specialists in identifying and mitigating risk to meet established quality standards.Qualifications
Minimum of an active DoD Secret clearance required.University Degree (BA/BS) or equivalent experience and minimum 5 years related work experience.CSSP-AU: At least one of the DOD 8750 IAT III certifications: CASP+ CE, CCNP Security, CISA, CISSP (or associate), GCED, GCIH, or CCSP.Relevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands-on experience researching, writing, and submitting complete A&A documentation packages for new system authorizations.Well-developed understanding of Federal Civilian or DHS Security Assessment and Authorization (SA&A) processes.Experience with continuous monitoring/ongoing authorization.Intimate understanding of NIST RMF implementation guidance.In-depth understanding of the relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process.Experience assessing security controls based on cybersecurity principles and tenets (e.g., NIST SP 800-53, Cybersecurity Framework, etc.).Demonstrated understanding of critical documentation required in Security Authorization (SA) Packages.Ability to understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).Experience managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results.Experience analyzing strategic guidance for issues requiring clarification and/or additional guidance.Understanding of the basic concepts and issues related to cyber and its organizational impact.Experience as senior or lead member of a team, including experience coaching and providing guidance to less experienced or new team resources, reviewing work products, tracking deadlines, and coverage, reporting, facilitating onboarding/offboarding procedures, etc.Experience with administrative planning activities, to include preparation of functional and specific support plans and preparing and managing correspondence.These Qualifications Would Be Nice to Have:Well-developed understanding of Systems Development Lifecycle (SDLC) and ideally the DHS Systems Engineering Lifecycle (SELC) process as it relates to Security Assessment and Authorization (SA&A).Hands-on experience with eMASS or similar application.Clearance
Active DOD Secret clearance required.Certifications
CSSP-AU: At least one of the DOD 8750 CSSP Auditor certifications: CEH, CySA+, CISA, GSNA, CFR, PenTest.SMS is an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#J-18808-Ljbffr
SMS Data Products Group, Inc. is seeking a Senior Information Assurance Security Specialist to join our team supporting the United States Coast Guard in Alexandria, VA. The Information Assurance Security Specialist is responsible for all Risk Management Framework (RMF) activities for implemented CDM technologies. You'll also work in a dynamic environment with other IA professionals using the latest technology.As a dynamic systems integrator, SMS offers proven solutions in engineering, operations, cybersecurity, and digital transformation. With expertise in modernizing and optimizing legacy infrastructure and systems, ensuring operational efficiency, and designing, implementing, and managing secure environments, SMS supports business and mission goals with proficiency, quality, and integrity.Responsibilities
Serve as senior member and representative of assigned team for meetings and efficiently lead internal resources to meet established milestones and targeted completion dates.Provide guidance, coaching, and training to employees of assigned team.Assist in Security Assessment & Authorization Coordination.Plan and conduct security authorization reviews of federal systems.Manage and review Accreditation Packages.Support USCG system accreditation and Ongoing Assessment and Ongoing Authorization processes and activities for assigned systems.Provide SME knowledge of Risk Management Framework (RMF) policy and application, NIST Security Controls, and Control Implementation methodologies for the A&A process.Review and provide guidance on System Security Plan, Security Assessment Report (SAR), and Plans of Action and Milestones and other security documentation.Support POA&M remediation activities and the review of POA&M closure documentation.Responsible for assessing and developing authorization packages for technical solutions that may require collaboration with internal expertise and deep analysis of the technical solution.Collaborate and communicate with parties within and outside of own job function, including customers and vendors.Understand and support Privacy Compliance Activities to include the review of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).Facilitate and monitor information assurance (IA) processes for new projects, including the development of security authorization packages and tracking progress for all Security Control implementations and Plans of Action and Milestones (POA&M).Support and/or develop all Security Authorization artifacts and documentation and assemble Authorization packages.Responsible for administration and adherence of the Risk Management Plan.Coordinate closely with the Quality Assurance Specialists in identifying and mitigating risk to meet established quality standards.Qualifications
Minimum of an active DoD Secret clearance required.University Degree (BA/BS) or equivalent experience and minimum 5 years related work experience.CSSP-AU: At least one of the DOD 8750 IAT III certifications: CASP+ CE, CCNP Security, CISA, CISSP (or associate), GCED, GCIH, or CCSP.Relevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands-on experience researching, writing, and submitting complete A&A documentation packages for new system authorizations.Well-developed understanding of Federal Civilian or DHS Security Assessment and Authorization (SA&A) processes.Experience with continuous monitoring/ongoing authorization.Intimate understanding of NIST RMF implementation guidance.In-depth understanding of the relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process.Experience assessing security controls based on cybersecurity principles and tenets (e.g., NIST SP 800-53, Cybersecurity Framework, etc.).Demonstrated understanding of critical documentation required in Security Authorization (SA) Packages.Ability to understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).Experience managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results.Experience analyzing strategic guidance for issues requiring clarification and/or additional guidance.Understanding of the basic concepts and issues related to cyber and its organizational impact.Experience as senior or lead member of a team, including experience coaching and providing guidance to less experienced or new team resources, reviewing work products, tracking deadlines, and coverage, reporting, facilitating onboarding/offboarding procedures, etc.Experience with administrative planning activities, to include preparation of functional and specific support plans and preparing and managing correspondence.These Qualifications Would Be Nice to Have:Well-developed understanding of Systems Development Lifecycle (SDLC) and ideally the DHS Systems Engineering Lifecycle (SELC) process as it relates to Security Assessment and Authorization (SA&A).Hands-on experience with eMASS or similar application.Clearance
Active DOD Secret clearance required.Certifications
CSSP-AU: At least one of the DOD 8750 CSSP Auditor certifications: CEH, CySA+, CISA, GSNA, CFR, PenTest.SMS is an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#J-18808-Ljbffr