C&A Analyst, #2017-172
This job is no longer active.
View similar jobs.
POST DATE 10/10/2017
END DATE 1/2/2018
Defense Point Security
JOB DESCRIPTIONDefense Point Security is currently seeking a Certification and Accreditation (C&A) Analyst in Bethesda, MD.
* Develop and maintain a complete security in compliance with FISMA and OMB's guidance
* Selection of controls to be monitored support System security categorization support
* System security plans development support
* Performance of risk assessments support and documentation Security controls assessment auditing and testing
* Configuration management and security control/monitoring input support
* Technical Writing (edit/develop documentation, file management)
* Develop system security plans
* Request and review existing system security documentation (e.g., security plan, system design documentation, initial risk assessment documentation, FIPS 199 Security Categorization, etc.); documenting initial system description including system information type and boundary based on information provided
* Holding meetings with key stakeholders to identify and agree to system type, boundary, security categorization, etc.
* Identify key personnel to be involved with the development of the system security plan and scheduling meetings as needed; Document system name, categorization, roles, operational status, information system type (general support system, major application, or minor application), general description (e.g., mission, users, data, process flow, etc.), system environment, interconnections, and applicable laws or regulations
* Select minimum security control requirements out of NIST SP 800-53 based on the FIPS 199 Security Categorization; tailoring security control requirements based on guidance in NIST SP 800-53; holding meetings with key personnel to document implemented and/or planned security controls
* Provide draft system security plan for review and comment; Finalize system security plan documentation
* Obtain signed approval from designated representative; and deliver final system security documentation including any working papers to the customer
* This position requires US Citizenship due to our Federal contractual obligations
* Bachelor's Degree
* 5 years' experience in IT security, including Certification and Accreditation and/or IT security risk analysis/advice, preferably in support of the Federal government
* Working knowledge of FISMA controls with the ability to develop and document controls
* Past experience with large federal agency ATO process
* Knowledge of Federal Government C&A practices and policies; FISMA, NIST SP 800-503
* Experience using Governance/Risk/Compliance (GRC) tools such as Xacta, CSAM, RSA Archer
* Working knowledge of Ongoing Authorization with in the NIST Framework
* Demonstrate knowledge of Federal Risk and Authorization Management Process (FEDRAMP)
* Strong project task management skills
* Flexibility to handle multiple stages of overlapping system reviews in a large organization
* Responsible for assisting in the development a risk management framework (RMF) program and strategy
* Experience with information assurance tools preferred
* Experience vulnerability assessment scanning tools and reporting, such as NESSUS, ACAS
Job Location: Bethesda, MD
Position Type: FullTime/ Regular
Security Requirement: Public Trust
All candidates must be clearable.
To see other locations please see the Information Security Career Menu on defpoint.com
Defense Point Security is an IT Security Consulting firm specializing in government-focused security solutions. Our goal is to provide expert IT security service.