In-House
Attorney
Information Technology
Min 15 yrs required
System Security Accreditation Expert

Duties:
Advise and support the government on the life cycle integrated system security accreditation, to include review of Requests for Change (RFCs), Engineering Change Proposals (ECPs), and related Certification and Accreditation (C&A) documents; attend design reviews as required; and ensure requirements are identified and documented.
Provide IC DTE support to the Program office to ensure that all aspects of each Information System (IS), from initial concept, through development, to implementation, system maintenance, and continuous monitoring, meet applicable ODNI C&A requirements.
Review and provide comments on the accreditation plan for IC DTE, which properly tracks the ODNI process by which the IC DTE definition, development, and security testing are to take place.
Provide advice and support to manage throughout the life cycle including cost, schedule, and performance system development, and after initial operating capability (IOC) transitions the systems to operations.
Provide advice and support to IC DTE PO during the early stages of the system life cycle to initiate the C&A process, negotiate the security requirements that must be met, and the technical security features of the IC DTE.
Assist the government with the responsibility to ensure that security guidance flows from IC DTE PO to the developer for satisfying the requirements to deliver the system, to include the schedule for delivering a certified and accredited system.
Evaluate and provide input to the IC DTE PO RFCs, RFPs and any other taskers or actions as required.
Collaborate with the C&A team to ensure the necessary milestones are reflected within the Master Schedule.
Identify and track C&A related issues to ensure closure and prevent impacts to the schedule.
Support various related reviews (TRR, ROMB, etc.) as assigned or directed by the government.
Coordinate, participate, and represent the IC DTE PMO in registration meetings to formally register all IC DTE related information systems with the Designated Approval Authority (DAA) for IC DTE.
Ensure the System Security Authorization Agreement (SSAA) documents for IC DTE are properly prepared, maintained, and accurately reflect the definition, development, security testing processes, and relevant security requirements.
Perform required actions to ensure all DTE related Information Systems are properly entered and maintained using the XACTA Information Assurance web application.
Review and submit evidence of completion to all DAA directed liens via a Plan of Action and Milestones (POAM) for IC DTE information systems to ensure the Program Manager is in compliance with ODNI guidance to maintain continuous monitoring of IC DTE accredited information systems.
Review all aspects of proposed system security plans to ensure the system is being developed in compliance with ODNI security guidelines, agency policies, and Intelligence Community Directives.
Ensure Vulnerability Assessment Testing (VAT) is scheduled and completed on an annual basis and any findings are addressed in a POAM.
Ensure that appropriate Information Assurance Vulnerability Alerts (IAVA) are reviewed, assessed, and responded to in a timely manner.
Prepare a staff summary sheet (SSS) and brief for all systems that require a cross domain solution.
Maintain routine interface with the ODNI C&A team (IAO, CE, and DAA) and keep them informed of any pending changes to the system baseline which may impact security.
Coordinate and negotiate the formal Rules of Engagement technical meeting with the penetration testing and vulnerability testing teams to discuss the rules, assessment activities, requirements, and other activities associated with conducting penetration and vulnerability testing on systems requiring a cross domain solution.
Schedule and coordinate Penetration Testing for all systems that require a cross domain solution, ensuring that agreed to Rules of Engagement are followed by the PEN team during test events.
Review and provide input on security related test procedures prior to readiness reviews.
Ensure audit trails are periodically reviewed and report compliance to ODNI Information Assurance Officers (IAO) and that audit records are maintained and archived for future reference.

Architects, plans, configures, deploys, maintains, and upgrades COTS/GOTS and custom toolsets to address vulnerabilities and/or implement security controls. Applies a combination of expert engineering knowledge of enterprise IT and security solutions to design, develop and/or implement solutions to ensure they are consistent with enterprise architecture security policies and support full spectrum military cyberspace operations. Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions. Includes security control design and solution planning at the system, mission, and enterprise level, security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE support functions. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Researches and evaluates cyber capabilities and new security tools and products against operational requirements and introduces them to the enterprise in alignment with IT security strategy, and to support the offensive and defensive capability design and troubleshoot and problem solve technical and non-technical issues.
At the Leadership level this is senior technical staff dedicated to transforming customer environments into a more secure operating environment in a holistic manner.
Qualification and Experience
Qualifications: An understanding of the system security accreditation process. Demonstrated understanding of Certification and Accreditation processes. Bachelor's degree and 18+ years' experience; Master's degree and 16+ years' experience; PhD or JD degree and 15 years' experience. Excellent oral and written communication skills. Customer-service and goal oriented. Ability to work independently and as a team member under tight deadlines with changing priorities. Trained and experienced with using the XACTA Information Assurance web application. Maintain a professional certification as a Certified Information Systems Security Professional (CISSP). Demonstrated understanding of the IC DTE mission and its contributions to the IC ITE and IC.
Job Number: 427553