This role provides implements and validates security controls that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation as part of an Agile team. Responsibilities include developing architecture documentation and Systems Security Plans (SSP) to support Accreditation and Authorization (A&A) reviews, and coordinating with customer security organizations as part of DevSecOps delivery pipeline to achieve Authority to Operate (ATO). Knowledge of the complex environment involving shared IC networks and multiple security enclaves is desired.
-This role is responsible for protecting the organization's information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording and destruction.
-Duties include managing and enforcing security strategies and policies within established guidelines.
-Responsibilities include IT Security Strategy, CyberSecurity, and Compliance and Risk Management.
- Experience providing technical/management leadership on major tasks or technology assignments.
- Experience establishing goals and plans that meet project objectives.
- Domain and expert technical knowledge.
- Experience directing and controlling activities for a client, having overall responsibility for financial management, methods, and staffing to ensure that technical requirements are met.
- Experience interfacing with senior management and negotiating with clients on requirements and deliverables.
- Experience supervising others.
Candidate must have BS with 17+ years of prior relevant experience or Masters with 15+ years of prior relevant experience.
Candidate must have an active TS/SCI with polygraph.
List additional skills and experience that is "nice to have" but not required.
1. Experienced with various security tools and processes such as Splunk, Nessus Security Center, WebInspect, Xacta
3. PKI implementation
4. STIG compliance and POA&M and vulnerability management