Twitter Facebook
Annapolis Junction, MD
Job Type
Direct Hire
Mar 14, 2018
Job ID

  • Develop system security documentation in support of authorization and continuous monitoring under the DoD Risk Management Framework (RMF)
  • Coordinate with DAOs Data Owners, SAs and devs for Security relevant changes to SSPs
  • Monitor/maintain SSPs for hardware and software changes
  • Participate in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access
  • Ensures systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the System Security Plan 
  • Ensures that all system users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before granting access 
  • Research and report on CSIRs
  • Review audit events for information systems and address events/incidents that occur with stakeholders.
  • Ensures all information system security-related documentation is current and accessible to properly authorized individuals 
  • Maintains records, outlining required patches/system upgrades that have been accomplished throughout the information system's life cycle 
  • Update Biscotti by coordinating with SAs and reporting IAVA status
  • Create and maintain Plan of Action and Milestones (POAM) as required
  • Ensures that all systems/network are compliant and in scope of current accreditation
  • Coordinate Nessus or CyborgBunny scans as required
  • Evaluates proposed changes or additions to the information system, and advises the Information Systems Security Manager (ISSM) of their security relevance 
  • Participate in internal / external security audits/inspections 
  • Directs program system administrators on security matters

Required Skills:
  • Thorough understanding of the RMF process (Risk Management Framework)
  • Highly Experienced with XACTA, LatteArt, Biscotti & SEAR
  • Working knowledge of DoDI 8500.2 “Information Assurance.”
  • Thorough understanding of NIST 800-53, NIST 800-37, DCID 6/3, and the NISPOM
  • Experienced with government accreditation requirements under DITSCAP and DIACAP. 
  • Familiar with Nessus or CyborgBunny.
  • Experience in evaluating, testing, certification and accreditation of classified and sensitive but unclassified information systems.
  • Experienced with analysis and evaluation of hardware and software in support of the Intelligence Community (IC). 
  • Able to apply current computer security technologies and IA requirements to maintain system security posture.
  • Responsible for maintaining and enforcing approved security policies, standards and guidelines
Security: Per Government and position requirements, prior to position start date, candidate must possess an active high level DoD security clearance with polygraph

"The management staff are outstanding and have done a great job of making me feel like I'm more than just a number."
Employee Testimonial