Similar Jobs

View More

C&A Analyst, #2017-172 10/10/2017

Defense Point Security Bethesda, MD

Location
Bethesda, MD
AJE Ref #
579721508
Job Classification
Full Time
Job Type
Regular
Company Ref #
MD0000741851
Experience
Mid-Career (2 - 15 years)
Education
Bachelors Degree

JOB DESCRIPTION

APPLY
Defense Point Security is currently seeking a Certification and Accreditation (C&A) Analyst in Bethesda, MD.

Job Responsibilities:

* Develop and maintain a complete security in compliance with FISMA and OMB's guidance

* Selection of controls to be monitored support System security categorization support

* System security plans development support

* Performance of risk assessments support and documentation Security controls assessment auditing and testing

* Configuration management and security control/monitoring input support

* Technical Writing (edit/develop documentation, file management)

* Develop system security plans

* Request and review existing system security documentation (e.g., security plan, system design documentation, initial risk assessment documentation, FIPS 199 Security Categorization, etc.); documenting initial system description including system information type and boundary based on information provided

* Holding meetings with key stakeholders to identify and agree to system type, boundary, security categorization, etc.

* Identify key personnel to be involved with the development of the system security plan and scheduling meetings as needed; Document system name, categorization, roles, operational status, information system type (general support system, major application, or minor application), general description (e.g., mission, users, data, process flow, etc.), system environment, interconnections, and applicable laws or regulations

* Select minimum security control requirements out of NIST SP 800-53 based on the FIPS 199 Security Categorization; tailoring security control requirements based on guidance in NIST SP 800-53; holding meetings with key personnel to document implemented and/or planned security controls

* Provide draft system security plan for review and comment; Finalize system security plan documentation

* Obtain signed approval from designated representative; and deliver final system security documentation including any working papers to the customer

Job Qualifications:

* This position requires US Citizenship due to our Federal contractual obligations

* Bachelor's Degree

* 5 years' experience in IT security, including Certification and Accreditation and/or IT security risk analysis/advice, preferably in support of the Federal government

* Working knowledge of FISMA controls with the ability to develop and document controls

* Past experience with large federal agency ATO process

* Knowledge of Federal Government C&A practices and policies; FISMA, NIST SP 800-503

* Experience using Governance/Risk/Compliance (GRC) tools such as Xacta, CSAM, RSA Archer

* Working knowledge of Ongoing Authorization with in the NIST Framework

* Demonstrate knowledge of Federal Risk and Authorization Management Process (FEDRAMP)

Preferred Skills:

* Strong project task management skills

* Flexibility to handle multiple stages of overlapping system reviews in a large organization

* Responsible for assisting in the development a risk management framework (RMF) program and strategy

* Experience with information assurance tools preferred

* Experience vulnerability assessment scanning tools and reporting, such as NESSUS, ACAS

Job Location: Bethesda, MD

Position Type: FullTime/ Regular

Security Requirement: Public Trust

All candidates must be clearable.

To see other locations please see the Information Security Career Menu on defpoint.com

Defense Point Security is an IT Security Consulting firm specializing in government-focused security solutions. Our goal is to provide expert IT security service.