Today
Top Secret
Unspecified
Polygraph
IT - Security
Herndon, VA (On-Site/Office)
Senior Principal Information Assurance/Security Engineer:
Job Description:
As a Computer Systems Security Analyst on the TALOS program, you will be expected to:
- Design and implement safety measures and controls. Monitor network activity to identify vulnerable points. Address privacy breaches and malware threats.
- Support the Assessment and Authorization (A&A) processes and Information Assurance documentation for multiple analytic and mission systems across all CLINs
- Generate and maintain the complete security Body of Evidence (BoE) while leading the A&A activities according to the Risk Management Framework (RMF) processes (ICD 503, CNSSI-1253, NIST 800-37, NIST 800-53, etc.) for multiple information systems
- Author, complete and maintain the System Security Plan (SSP) within Xacta
- Develop the Security Controls Traceability Matrices (SCTM) and the Security Test Plan (STP) procedures within Xacta
- Analyze existing security systems and make recommendations for changes or improvements
- Prepare reports and action plans in the event that a security breach does occur
- Monitor the network and provide early warning of abnormalities or problems
- Communicate the system status and keep users informed of downtime or changes to the system
- Experience working with software developers and architects to understand security requirements
- Experience guiding the application developers on security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements
- Experience creating and managing the plan of action and milestones (POA&Ms), and working with project managers and engineers to develop schedules and engineering actions that mitigate open findings
- Experience supporting the Continuous Monitoring of operational systems; experience monitoring and auditing operational systems for proper use
- Log Review/Analysis using SIEM tools (Splunk, etc.)
- Vulnerability Analysis and Review (ACAS, Twistlock, SonarQube)
- DISA STIGs and STIG Viewer experience
Required Qualifications:
- 9+ years supporting Assessment and Authorization (A&A) and information assurance processes and documentation using RMF, with a BS degree; 7 years of experience with a master's; an additional 4 years of experience required in lieu of a degree (will consider at Staff level with the appropriate years of experience)
- Hands-on experience validating control implementations and test procedures
- Knowledge of current security risks and protocols
- Willingness to work outside of standard hours if circumstances require
- Good analytic and problem-solving skills
- DoD Approved 8570 Baseline Certification (e.g., Security+)
- RMF, Xacta experience
- DoD Approved Clearance and Poly
- Work 100% onsite in a secure environment
Desired Qualifications:
- Experience working with AWS/Google cloud-hosted information systems or applications
- Experience working with Red Hat or CentOS Linux operating systems
- Experience working in a DevSecOps environment and tool chain