Home > Northern Virginia jobs > Northern Virginia computer/technical

Posted: Saturday, November 4, 2017 2:52 PM

Job Description: POSITION SUMMARY: Functions as expert consultant in all aspects of information security. Prepares in:depth studies and analyses. Manages major information security efforts. Maintains affiliation with national/international organizations. Functions on broad scope programs of national/international basis. Performs independent work or manages a team in support of a customer either on site or of:site. RESPONSIBILTIES: The Customer maintains on:going awareness of Enterprise and Mission information systems, vulnerabilities, and threats to enhance mitigation solutions and risk decisions to ensure the integrity of the IT systems. This position will at times support activities that enable the team to target, assess, exploit and report the risks and vulnerabilities of organization systems. The candidate will play a key role in helping to manage day:to:day assessment activities within the office. This position will be responsible for conducting document review of Security System Plans (SSP) and System Concept of Operation (CONOP) while working closely with Client Task Manager and security SMEs to coordinate the planning, scheduling, and testing of projects in the Assessment and Authorization (A and A) process. The candidate would be expected to employ strong technical and organizational skills to coordinate requirements and deliverables with the customer; maintain statistical data; document best practices; schedule and prioritize of tasks; gather inputs; and prepare monthly metrics. Additional duties shall include, but not be limited to: A: Have the KSAs defined for the labor category and skill level in the Workforce Management System (WMS). A: Assist client in evaluating, documenting, and tracking project requirements. A: Assist with schedule development for routine assessments, and coordinating with ISSMs and projects. A: Lead customer control gate reviews of assessment artifacts prior to security assessment. A: Coordinate internal project schedules and client deliverables, participate in meetings; maintain a current status record on all projects. A: Support tasks requiring the collection, compilation, evaluation, and publication of information and statistical data in documents, records, forms, reports, plans, policies, and regulations. A: Determine customer requirements through customer consultations. A: Analyze workflows, design and develop methodologies to assist internal workflow management, including but not limited to: interactive forms (for example word macros), manuals, processes/procedures, and information sheets. A: Review and make recommendations on program:level documentation (e.g., requirements specification, system architecture, design documents, test plans and security plans) A: Assist with researching, evaluating and developing relevant Information Security policies and guidance. A: Review vulnerability assessment scans including but not limited to NESSUS, WebInspect, AppDetective. A: Develop, assemble, and submit A and A testing results that document testing activity and results to support the adjudication of risk assessments and approval packages A: Conduct quality control reviews of security assessments prior to publication. EDUCATION and EXPERIENCE: Typically requires a bachelors degree or equivalent and sixteen to eighteen years of related experience. At least two years of demonstrated on:the:job experience with vulnerability assessment scanning tools and performing security analysis. At least five years of demonstrated on:the:job experience communicating vulnerability results and risk posture to projects. At least two years of demonstrated on:the:job experience creating systems and applications security documentation. Demonstrated on:the:job experience with risk management methodologies. Clearance requirement is a TS/SCI w/Polygraph. PHYSICAL DEMANDS: Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone,


• Location: Northern Virginia

• Post ID: 40531437 nova is an interactive computer service that enables access by multiple users and should not be treated as the publisher or speaker of any information provided by another information content provider. © 2017