INFO Assurance A&A
Info Assurance SME A&A
Thie Job Requires a TS SCI with Polygraph
This program is responsible for cloud innovation for the customer. This program is going through a transformation that leverages the Amazon Cloud Services (AWS) to build big data capabilities. The Cyber Security Engineer will be part of a transformation that leverages the Amazon Cloud Services (AWS) to build big data capabilities. The selected candidate must be aware of all activities associated with the design, test configuration, qualification, certification, operation, and requirements of the product/project. The Cyber Security Engineer will support a large complex physical and AWS environment, from a coordination standpoint as well as communication with the customer.
Day to Day:
The Info Assurance SME will provide required cyber security system engineering and system integration support for enterprise Infrastructure and Application services including: understanding mission impacts as a result of new security services; supporting design, implementation, testing, and deployment of defense-in-depth security services including Threat Mitigation, IdAM, Logging / Auditing / Alerting, Encryption (data and comms.); supporting both Assessment & Authorization (A&A) as well as Certification and Accreditation (C&A) activities, including coordination with Information Security (INFOSEC), and developing and maintaining required documentation.
Day to Day:
This person will support the preparation, submission and maintenance of Trusted Facility Manuals, System Security Plans (SSP), Security Concept of Operations (CONOPS), Security Requirements Traceability Matrix (SRTM), and other security related documentation for compliance with security features and enhancements.
They will support the documentation contributions of others assigned to the program from technical, support, and administrative areas. They are also going to lead program teams through the Risk Management Framework (RMF) to obtain system Authorization and Accreditation
Perform system A&A planning, assessment validation, testing, and liaison activities.
Document the results of A&A activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M. Assist in implementation of RMF-based policies and procedures; make recommendations on process tailoring, participate in and document process activities
Support the continuous assessment of Cyber Control compliance for the program
have experience with Risk Management Framework (RMF) and the Authorization and Accreditation (A&A) process and system security design, testing, and principles
Experience with ICD 503 SPECIFIC and ICD compliances
Expertise with all over A&A process/planning/finalization
Experience with RMF
Experience with network protection technologies, operating system vulnerability analysis and correction and methods to mitigate system-wide security vulnerabilities
Possess excellent verbal and written communication skills to produce coherent and concise documentation required for certification evaluation.
Must be able to prioritize and execute tasks in a collaborative team environment within schedules and timelines.
Job Type: FT