"Alerted.org

Job Description

REQUIRES ABILITY TO GET GOVT CLEARANCE

5 days per week on site in Arlington VA, 6-3PM/7-4PM/8-5PM/9-6PM

Responsibilities:

• Support the completion of the System Security Authorization (SSA) process in accordance with NIST SP 800-37 Risk Management Framework.

• Assist with the development of SSA process documentation consisting of Privacy Threshold Analysis (PTA), Privacy Impact Analysis (PIA), Security Categorization Worksheet (SCW), System Security Plan (SSP), Contingency Plan (CP), and others.

• Ensure CEPS IT system controls are implemented and operating effectively upon completion of the SSA and systems being granted an authorization to operate (ATO).

• Continuously monitor the security and privacy controls in accordance with NIST SP 800-37 and the customer continuous monitoring strategy. Upon changes/modifications to CEPS systems, and a Security Impact Analysis (SIA) being conducted, create and track POA&Ms to be included in the authorization package.

• Perform assessments of the customer-prescribed security and privacy controls to determine the extent to which the selected controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting security and privacy requirements for the system and the customer.

• Provide cybersecurity configuration and patching support for all CEPS systems and ensure compliance in a lab setting prior to implementation in a production environment, as required

• Respond, mitigate, and eliminate system vulnerabilities that exist within CEPS systems, applications, and edge devices.

• Recommend information assurance/security solutions and assist with design, development, and implementation of solutions that meet security requirements.

• Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.

• Analyze security requirements and information assurance-related technical problems for ESS and other related computer systems and provide basic technical support.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Skills and Requirements

• Experience with Azure - certification preferred

• Minimum seven (7) years of experience supporting Federal customers in information assurance field or Bachelor's degree and five (5) years of experience required.

• Certified Information Systems Security Professional (CISSP) certification is a plus.

• Experience performing information assurance duties on electronic security systems (ESS) across a broad spectrum of systems (PACS, IDS, VSS and others).

• Knowledge and experience of compliance with industry and government standards, policies and guidelines such as NIST SP 800-37 Risk Management Framework for Information Systems and Organizations and others.

• Proficient in security planning, assessment, risk analysis, and risk management.

• Identifies network, system, applications, and new technology initiatives' security risks, threats, and vulnerabilities.

• Knowledge of current Information Assurance (IA) policy, tactics, techniques, policy, and doctrine.

• Demonstrated ability to effectively communicate both in writing and verbally. CCURE 9000 or other Electronic Security Experience required