The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contract's Core Capabilities are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.
Position Description:
The Information Security Continuous Monitoring Validator provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:
Supports the Information Security Continuous Monitoring (ISCM) Program Lead and Validator Lead in standing up the customer's Continuous Monitoring (ConMon) program.
Assists ConMon Validator Lead with developing ConMon Validation process improvement activities
Validates, for efficacy, ConMon control Bodies-of-Evidence (BOEs) entered in the ConMon tool
Guides, mentors and instructs program Information System Security Officers (ISSOs) on methods to improve ConMon BOE entry language
Guides, mentors and instructs program Information System Security Officers (ISSOs) on methods to improve fidelity of ConMon BOEs
Assists Security Control Assessors (SCAs), FISMA and Inspector General (IG) Teams in examining ConMon BOEs for official reporting
Proactively identify and provide metrics and reporting data appropriate for AO/DAOs to make sound risk decisions for continued authorization of systems
Initiate and participate in studies to improve ConMon reporting metrics
Recommend improvements on Enterprise Security Services (ESS) tool implementations
Job Requirements
Qualifications:
Required:
Current U.S. Government Top Secret clearance with SCI eligibility
Favorably adjudicated Polygraph
DoD 8570 certification in IAT or IAM
Strong attention to detail and organizational skills
Excellent communications skills
Self-starter requiring limited direction and supervision
Experience implementing RMF Process and NIST 800-53 technical controls, as well as developing and maintaining associated certification and accreditation documentation
Experience as an ISSO, Information System Security Manager (ISSM), SCA, or Delegated Authorization Official Representative (DAOR)
Ability to work in a team environment
Working knowledge of Microsoft tools: Outlook, Excel, PowerPoint, SharePoint
Excellent oral and written communications skills
Desired:
Information Security Continuous Monitoring experience
Self-starter requiring limited direction and supervision
Bachelor of Science degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification (i.e. CISSP or CASP)
Experience briefing senior customer personnel
Experience supporting IC or DoD in the Cyber Security Domain with acquisition and project management
Experience with RSA Archer, ServiceNow, and Xacta