Today
Top Secret/SCI
Unspecified
Unspecified
IT - Security
Bluemont, VA (On-Site/Office)
Cyber Security Management Specialist
Location: Springfield, VA or Bluemont, VA
Clearance: TS/SCI
Technical Skills/Duties:
Experience/Education:
Location: Springfield, VA or Bluemont, VA
Clearance: TS/SCI
Technical Skills/Duties:
- Communication Skills: Strong oral, written and listening skills
- Analytical Skills: Ability to visualize, articulate, conceptualize and solve both complex problems by making reasonable decisions given the information available
- Maintain program security plans in Xacta/Xacta 360 as they process through the Risk Management Framework Assessment and Authorization process in order to achieve ATO status or maintain programs under Continuous Monitoring status.
- Experience with executing ACAS scans and providing analysis of findings
- Experience with Vulnerability Management and cybersecurity risk analysis
- Desired: experience writing and/or updating agreements such as ISAs, MOUs, ATCs, etc.
- Experience writing Version Description Documents as new software baselines are released; along with drafting documentation to request approval for new software and determining impact and risk of software components
- Development and maintenance of system CONOPS, System Security Plans (SSPs), Interconnection Security Agreements (ISAs), Security Controls Traceability Matrix (SCTM), and other accreditation package body of evidence documents.
- Adopt and maintain a customer notification and enforcement process for implementing IS security policy changes.
- Conduct periodic reviews to ensure compliance with the SSP.
- Ensure configuration management (CM) for security-relevant IS software, hardware, and firmware is maintained and documented, by means that include frequent review of firmware versions for hardware models.
- Coordinate and conduct IS security inspections, tests, and reviews, as tasked by the DOE Government Information Security Manager (GPOC) in coordination with the applicable Program/Project Manager (PM). Frequency of occurrence shall be on a monthly basis, on average.
- Ensure approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output and provide procedures and SOP to GPOC.
- Ensure development and implementation of procedures for authorizing the use of software, hardware, and firmware on the system.
Experience/Education:
- Education: A Bachelor's degree in Systems Engineering, Cybersecurity, or Information Technology; or equivalent demonstrated experience in a related enterprise architecture and/or cybersecurity engineering discipline.
- Certifications: DoDI 8570 Level II Certified IA - SAE required.
- Minimum of six years of experience.
group id: 10364120
