Enterprise Information Services, Inc.

  • Information Assurance Specialist

    Job Location US-DC
    ID
    2018-3607
    # of Openings
    1
    Targeted Job Start Date
    7/30/2018
  • Overview

    The IA Specialist supports the DHS Domestic Nuclear Detection Office (DNDO) Office of the Chief Information Officer (OCIO) and provides support for the implementation, troubleshooting and maintenance of IT systems.

    Responsibilities

    • Serve as the primary Assessor executing the steps of the Risk Management Framework.
    • Assess all applicable security controls defined in IACS and applicable to the systems under their purview. The assessment results shall be documented completely and accurately in the DHS Compliance Tool (currently IACS) at the operating system, application and database levels.
    • Liaise and serve as the driving force for all Security Authorization (SA), Ongoing Authorization and Preliminary Risk Assessment efforts, including ensuring ISSOs complete FIPS 199, PTA, e-authentications, CPs, CPTRs, SPs, and 800-53A test cases.
    • Responsible for developing Security Assessment Plans (SAP), Security Assessment Reports (SAR), ATO Letters, and Ongoing Authorization (OA) artifacts.
    • Review compliance scanning results in order to identify and create POA&Ms for the information systems under their responsibility. This shall be completed according to timelines defined in the security authorization schedules if applicable, or as defined by the Compliance Branch Manager.
    • Manage the TSA mission essential systems throughout the entire SA lifecycle to include step 6 of the Risk Management Framework.
    • Serve as the focal point for all SA activities to the ISSO, System Owner, and Program Manager.

    Qualifications

    • Preferred DHS EOD and/or Active DoD Secret and able to obtain a DHS Clearance.
    • BS and 15 years of experience or MS and 5 years of experience, plus CISSP certification preferred.
    • Strong familiarity with National Institute of Standards and Technology (NIST) Information Security Documents.
    • Experience executing Step 4 (Security Assessment) of the NIST Risk Management Framework (RMF).
    • Experience developing and promulgating Security Assessment Plans.
    • Experience interpreting and evaluating implementations of NIST 800-53 rev 4 security controls.
    • Documenting NIST 800-53 security control compliance findings within Requirements Traceability Matrixes (RTMs) and Security Assessment Reports (SARs).
    • Experience reviewing and interpreting scans.
    • Ability to execute Security Assessments and develop and deliver supporting documentation within aggressive timelines.
    • Ability to research and quickly grasp unfamiliar information technologies.
    • Good organizational, communication and planning skills.
    • Ability to work independently with minimal supervision and oversight.
    • Proficient with Microsoft Office products, particularly Word, Excel, PowerPoint and Outlook.
    • Infrastructure, Virtualization, Web Tier, Application Tier and/or Database Tier and Operating System experience recommended.
    • Working knowledge of Ongoing Authorization within the NIST Framework.

    EIS is an Equal Opportunity Employer/M/F/V/Disabled
