- RightDirection Technology Solutions LLC (Washington, DC)
- …NIST RMF. Develop and maintain documentation such as System Security Plans ( SSP ), Security Assessment Reports (SAR), and Security Impact Analysis (SIA) reviews. ... Audit and Documentation Support:Assist the ISSO and governance teams in preparing for internal and external audits. Maintain accurate records of control implementations, policy exceptions, and remediation efforts. Ensure documentation aligns with 12 FAM, 5… more
- Tetrad Digital Integrity LLC (Washington, DC)
- …+ Support systems owners to develop, update and maintain the System Security Plan ( SSP ) for assigned systems. + Advise system owners on all matters, technical and ... otherwise, involving the security of assigned IT systems. + Develop standard operating procedures in accordance with security control requirements. + Perform continuous monitoring of security controls to ensure that they are implemented correctly, operating as… more
- Criterion Systems (Washington, DC)
- …Security Categorization document, control selection listing, System Security Plan ( SSP ), Information System Configuration Management Plan, and Account Management ... Plan. + Develop information system contingency plans, including Business Impact Analysis (BIA), in accordance with NIST SP 800-34 Revision (Current), Guide to Test, Training and Exercise Programs for Information Technology Plans and Capabilities and ensure… more
- Chenega Corporation (Washington, DC)
- …years of experience developing the required documents for the A&A package (eg, SSP , CP, and SAR), including oversight and development of POA&M's, and performing all ... continuous monitoring functions with the most recent experience occurring in the last three years. + 5+ years of experience implementing NIST 800-53A security controls for federal agencies. + 1+ years of experience in data structures, data mining, and business… more
- ManTech (Washington, DC)
- …or joint-use IS + Perform an independent review of the System Security Plan ( SSP ) and make approval decisions. Request and negotiate the level of testing required ... for an IS with the Enterprise Information Security Section and the FBI Authorizing Official. + Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the FBI Authorizing Official for a… more
- RedTrace Technologies Inc (Washington, DC)
- …or joint-use IS + Perform an independent review of the System Security Plan ( SSP ) and make approval decisions + Request and negotiate the level of testing required ... for an IS with the Enterprise Information Security Section and the agency Authorizing Official + Schedule security control assessments in coordination with the system owner. + Coordinate IS security inspections, tests, and reviews with the Security and system… more
- St. George Tanaq Corporation (Washington, DC)
- …+ Coordinate and prepare system documentation including: System Security Plan ( SSP ); Security Assessment Report (SAR); Risk Assessment Reports (RAR); Incident ... Response Plans (IRP). + Conduct regular security reviews, vulnerability assessments, STIG compliance checks, and audit log reviews. + Collaborate with system owners, developers, and operations staff to ensure security is integrated into IT projects and daily… more
- Huntington Ingalls Industries (Washington, DC)
- …a classified environment and develops and maintains System Security Plans ( SSP ) outlining security operating procedures. Provides technical and programmatic IA ... support for network and information security systems. Builds and maintains Development, Security, and Operations (DevSecOps) pipelines and automation. Designs, develops, and implements security requirements. Prepares Security Test and Evaluation plans and… more
- Ankura (Washington, DC)
- …including Plans of Action and Milestones (POAM) and System Security Plans ( SSP ) . Building industry-recognized subject matter expertise in the national security and ... DIB cybersecurity domains, including keeping apace with developments in cyber frameworks and compliance, and producing timely, polished thought leadership. Professional and conceptual agility to design and execute compliance risk mitigation and information… more
- PSI Services (Washington, DC)
- …a Federal Program is essential and contributing to core document set eg SSP , ConMon reporting, POAMs, System Narrative, SCP, SIA + Experience implementing or ... maintaining FedRAMP Moderate Authorization is desirable. + Experience documenting security controls in Architecture diagrams is essential + Extensive training and experience in IT disciplines such as application and data security, systems programming, systems… more