isecjobs.com

Senior Information Assurance Security Specialist

Springfield, VA, United States

Full Time Senior-level / Expert Clearance required USD 101K - 188K *
SMS Data Products Group, Inc. logo

SMS Data Products Group, Inc.

SMS' Cloud and Platform Engineering team provides the expertise, partnership, and integrity to make cloud work for you. Read more about our Cloud and Platform

View all jobs at SMS Data Products Group, Inc.

Apply now Apply later

Overview

SMS is seeking an Senior Information Assurance Security Specialist to join our team supporting the United States Coast Guard in Alexandria, VA. The Information Assurance Security Specialist is responsible for all Risk Management Framework (RMF) activities for implemented CDM technologies. You'll also work in a dynamic environment with other IA professionals using the latest technology.

 

As a dynamic systems integrator, SMS offers proven solutions in engineering, operations, cybersecurity, and digital transformation. With expertise in modernizing and optimizing legacy infrastructure and systems, ensuring operational efficiency, and designing, implementing, and managing secure environments, SMS supports business and mission goals with proficiency, quality, and integrity.

 

SMS has been serving the advanced information technology needs of the federal government since 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers’ missions for more than 40 years. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. For additional information on SMS, visit www.sms.com.

 

Submit your resume today.

Responsibilities

The Senior Information Assurance Specialist  will be responsible for the following:

  • Serve as senior member and representative of assigned team for meetings and efficiently lead internal resources to meet established milestones and targeted completion dates.
  • Provide guidance, coaching and training to employees of assigned team.
  • Assist in Security Assessment & Authorization Coordination
  • Plan and conduct security authorization reviews of federal systems
  • Manage and review Accreditation Packages
  • Support USCG system accreditation and Ongoing Assessment and Ongoing Authorization processes and activities for assigned systems.
  • Provide SME knowledge of Risk Management Framework (RMF) policy and application, NIST Security Controls, and Control Implementation methodologies for the A&A process.
  • Review and provide guidance on System Security Plan, Security Assessment Report (SAR), and Plans of Action and Milestones and other security documentation
  • Support POA&M remediation activities and the review of POA&M closure documentation.
  • Responsible for assessing and developing authorization packages for technical solutions that may require collaboration with internal expertise and deep analysis of the technical solution.
  • Collaborative and communicates with parties within, and outside, of own job function. May have responsibility for communicating with parties external to the organization (e.g., customers, vendors, etc.
  • Understands and supports Privacy Compliance Activities to include the review of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).
  • Facilitates and monitors information assurance (IA) processes for new projects, including the development of security authorization packages and the tracking of progress for all Security Control implementations and Plans of Action and Milestones (POA&M).
  • Support and/or development of all Security Authorization artifacts and documentation and assembling of Authorization packages.
  • Responsible for administration and adherence of the Risk Management Plan.
  • Coordinate closely with the Quality Assurance Specialists in identifying and mitigating risk to meet established quality standards.

Qualifications

    • Minimum of an active DoD Secret clearance required
    • University Degree (BA/BS) or equivalent experience and minimum 5 years related work experience
    • CSSP-AU: At least one of the DOD 8750 IAT III certifications: CASP+ CE, CCNP Security, CISA, CISSP (or associate), GCED, GCIH, or CCSP
    • Relevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands-on experience researching, writing, and submitting complete A&A documentation packages for new system authorizations.
    • Well-developed understanding of Federal Civilian or DHS Security Assessment and Authorization (SA&A) processes.
    • Experience with continuous monitoring/ongoing authorization
    • Intimate understanding of NIST RMF implementation guidance.
    • In-depth understanding of the relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process.
    • Experience assessing security controls based on cybersecurity principles and tenets. (e.g., NIST SP 800-53, Cybersecurity Framework, etc.).
    • Demonstrated understanding of critical documentation required in Security Authorization (SA) Packages.
    • Ability to understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).
    • Experience managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results.
    • Experience analyzing strategic guidance for issues requiring clarification and/or additional guidance.
    • Understanding of the basic concepts and issues related to cyber and its organizational impact.
    • Experience as senior or lead member of a team, including experience coaching and providing guidance to less experienced or new team resources, reviewing work products, tracking deadlines, and coverage, reporting, facilitating onboarding/offboarding procedures, etc.
    • Experience with administrative planning activities, to include preparation of functional and specific support plans and preparing and managing correspondence.

    These Qualifications Would Be Nice to Have:

    • Well-developed understanding of Systems Development Lifecycle (SDLC) and ideally the DHS Systems Engineering Lifecycle (SELC) process as it relates to Security Assessment and Authorization (SA&A)
    • Hands on experience with eMASS or similar application.

Clearance

  • Active DOD Secret clearance required

Certifications

  • IAT Level III certification 
  • CSSP-AU: At least one of the DOD 8750 CSSP Auditor certifications: CEH, CySA+, CISA, GSNA, CFR, PenTest

 

SMS is a dynamic systems integrator established in 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers’ missions for more than 47 years. Our ability to hire and retain quality people in a rapidly evolving IT market is proven through our employee retention rate averaging over 3 years. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices, resulting in CMMI Level 3 certification and ISO registrations including 9001:2015, 20000-1:2018, and ISO/IEC 27001:2013. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. 

 

SMS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Apply now Apply later
  • Share this job via
  • 𝕏
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: CASP+ CCNP CCSP CEH CISA CISSP Clearance Clearance Required Compliance DoD eMASS GCED GCIH GSNA Monitoring NIST NIST 800-53 POA&M Privacy Risk management RMF SDLC Security assessment Security Assessment Report System Security Plan

Region: North America
Country: United States

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Information Security Specialist jobsPenetration Tester jobsSenior Cyber Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Network Security Engineer jobsInformation System Security Officer jobsChief Information Security Officer jobsSenior Penetration Tester jobsStaff Security Engineer jobsSecurity Specialist jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsCybersecurity Consultant jobsSenior Information Security Engineer jobsInformation System Security Officer (ISSO) jobsThreat Intelligence Analyst jobs
SaaS jobsSDLC jobsMalware jobsEncryption jobsRMF jobsForensics jobsSQL jobsGDPR jobsIPS jobsSplunk jobsIDS jobsTop Secret jobsEDR jobsFinance jobsDoDD 8570 jobsTerraform jobsBash jobsITIL jobsOWASP jobsCRISC jobsUNIX jobsGIAC jobsCompTIA jobsDocker jobsIntrusion detection jobs
TCP/IP jobsBanking jobsSANS jobsThreat detection jobsData Analytics jobsActive Directory jobsPolygraph jobsCCSP jobsOSCP jobsClearance Required jobsVPN jobsCyber defense jobsIT infrastructure jobsSOC 2 jobsAnsible jobsJavaScript jobsSOX jobsDNS jobsSOAR jobsJira jobsGCIH jobsSecurity strategy jobsOracle jobsNIST 800-53 jobsCryptography jobs