My IT LLC

Ensure plans and channels are in place for incident response, business continuity, disaster recovery, and vulnerability and threat reporting.. IA tools and scanners used to evaluate the security posture of the system/enclave.. Must have at least 3 years of experience following the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) and/or RMF (RMF is preferred) experience: Experience in RMF testing of all CS requirements and analysis required to complete an RMF package document for submittal and approval.. Experience with IA tools and scanners used to evaluate the security posture of the system/enclave.. Must have one of the following: Current Certified in Governance, Risk, and Compliance (CGRC) Current CompTIA Advanced Security Practitioner (CASP+) Current Certified Information Security Manager (CISM) Current Certified Information Systems Security Professional (CISSP) Current GIAC Security Leadership (GSLC) Current Certified Chief Information Security Officer (CCISO)

system security engineer

Information System Security Engineer (ISSE) Location - Mechanicsburg, Pennsylvania (Remote) Department - Project Delivery - Federal FTE JD- Responsibilities: <ul> <li> Review, analyze, and evaluate business systems and user needs, specifically about Authorization and Accreditation (A&A) (security requirements and documentation support) for the Navy, Plans of Action, and Milestones (POA&Ms), and documentation support. </li> <li> Interact daily with the PMO, Operations, and IT Security teams to address the needs of A&A and POA&M remediation. </li> <li> Write, edit, and/or manage a wide range of IT Security documentation and be familiar with federal IT standards such as the Federal Information Security Management Act (FISMA), Federal Information Processing Standards (FIPS), NIST Special Publications (SPs), and NIST SP 800-37 Rev 1 (Guide for Applying the Risk Management Framework to Federal Information Systems: Security Life Cycle Approach). </li> <li> Perform internal audits of the systems before third-party audits. </li> <li> Participate in security control implementation, testing efforts, and vulnerability-level risk assessments. </li> <li> Assist in mitigating and closing open vulnerabilities under the system's change control process. </li> <li> Play a role in reviewing and updating RMF Cyber Security documentation. </li> <li> Perform other related duties as assigned. </li> <li> Ensure plans and channels are in place for incident response, business continuity, disaster recovery, and vulnerability and threat reporting. </li> <li> Perform other related duties as assigned. </li> </ul> Required Skills/Abilities: <ul> <li> Must demonstrate: <ul> <li> Excellent verbal and written communication skills. </li> <li> Strong technical writing skills. </li> <li> Excellent problem-solving skills. </li> <li> Attention to detail and accuracy. </li> <li> Ability to work independently and in a team environment. </li> <li> A thorough understanding and knowledge of the RMF process IAW the Navy RMF Process Guide. </li> </ul> </li> <li> Must have experience working with the following: <ul> <li> Enterprise Mission Assurance Support Service (eMASS) </li> </ul> </li> <li> Security technologies such as firewalls, intrusion detection, prevention systems, and vulnerability assessment tools. </li> <li> IA tools and scanners used to evaluate the security posture of the system/enclave. </li> </ul> Required Experience: <ul> <li> Must have at least 3 years of experience following the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) and/or RMF (RMF is preferred) experience: <ul> <li> Experience in RMF testing of all CS requirements and analysis required to complete an RMF package document for submittal and approval. </li> <li> Experience performing vulnerability risk analysis on the deficiencies found during RMF testing. </li> </ul> </li> <li> Experience with IA tools and scanners used to evaluate the security posture of the system/enclave. </li> </ul> Education Level: <ul> <li> A degree in Computer Science is preferred but not required. </li> </ul> Required Certifications: <ul> <li> Must have one of the following: <ul> <li> Current Certified in Governance, Risk, and Compliance (CGRC) </li> <li> Current CompTIA Advanced Security Practitioner (CASP+) </li> <li> Current Certified Information Security Manager (CISM) </li> <li> Current Certified Information Systems Security Professional (CISSP) </li> <li> Current GIAC Security Leadership (GSLC) </li> <li> Current Certified Chief Information Security Officer (CCISO)</li></ul></li></ul>

START NEW SEARCH