NRS Information Assurance Systems Security Officer/Engineer with

Information Assurance Systems Security Officer/Engineer Location: Chantilly, VA Clearance: TS/SCI Our great client is a Service–Disabled Veteran–Owned Small Business (SDVOSB) with a vision to become the trusted information technology advisors to our clients while providing superior, cost effective service. Our reputation lies in building lasting relationships with our clients and a focus on delivering value in all we do. Our great client is currently a prime contract holder with the NGA, DLA, DIA, USDA, Coast Guard and many more Program Description: Defense Intelligence Agency (DIA) is an intelligence agency of the United States federal government, specializing in defense and military intelligence. This program will be contributing to the design, development, implementation, operational sustainment, and continual improvement of IT Service Management (ITSM) capabilities, such as ServiceNow, to optimize the efficiency and effectiveness of service delivery to DIA customers stakeholders and end–users. Job Description: Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non–compliance with established IA standards and regulations, and recommend mitigation strategiesValidate and verify system security requirements definitions and analysis and establishes system security designsDesign, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirementsBuild IA into systems deployed to operational environmentsAssist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutionsSupport the building of security architecturesEnforce the design and implementation of trusted relations among external systems and architecturesAssess and mitigate system security threats/risks throughout the program life cycleContribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operationsReview Assessment and Authorization (A&A) documentation, providing feedback on completeness and compliance of its contentPerform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systemsApply system security engineering expertise in one or more of the following to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off–the–shelf and government off–the–shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non–repudiation, availability, and access control); and security testing.Advocate and recommend system–level solutions to resolve security requirements.Monitor and suggest improvement to IA policy.Interact with customers, IT staff, and high–level corporate officers to define and achieve required IA objectives.Provide the Government assistance to ensure that the architecture and design of information systems are functional and secure, including program of record systems and special purpose environments with platform IT interconnectivity.Provide expert guidance and work product evaluation to one or more security engineers that support Engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments.Minimum Experience: IA SAE II (CASP+, CISSP, CSSLP)5+ years of experience as an ISSO.Experience with managing systems through the A&A process including development, review and updates of Body of Evidence artifacts in the accreditation package, development of System Security Plan (SSP), Security Test Plan (STP), Interconnection Security Agreements (ISA) and Security Controls Traceability Matrix (SCTM)Experience with the RMF process including obtaining and maintaining the Authority to Operate (ATO) for IT systems.Experience managing SPIDs in Xacta.Experience with IA Vulnerability Management, including ACAS scanning and patching.Experience with ICD 503, CNSSI 1253 and NIST 800–53 security controlsDesired: security experience with C2S and UC2S cloud environmentsDesired: security experience with DIA's RMF plus processExcellent listening, interpersonal, written, and oral communication skillsHighly self–motivated and directed Ability to effectively prioritize and execute tasks while under pressureStrong customer service orientationExperience working in a team–oriented, collaborative environmentEducation Requirement: High School Diploma/ GEDAssociates DegreeBachelors Degree +8Masters Degree +6

#J-18808-Ljbffr