Do you want to work for a company that is passionate about security and has a fun, start-up culture with large company perks? Do you want to be in an environment where you will continuously learn new skills, grow and take on new opportunities due to the abundance of new projects on the horizon?
If you answered yes to these questions, this opportunity could be for you!
Defense Point Security is currently seeking a Security Assessor in Washington, D.C. with an active Secret level security clearance.
Job Responsibilities:
- Use Federal Certification and Accreditation (C&A) processes to research, verify and document information security controls in order for the "systems" to be accredited
- Communicate and enforce security policies, procedures and safeguards for all systems and staff, based upon NIST and/or DIACAP
- Analyze and advise on the risk and remediation of security issues based on reports from vulnerability assessment scanners, patch management tools, and emerging threat information
- Initiate, coordinate and track the patching and remediation of security weaknesses as they are discovered, via a "Plan of Actions and Milestones" (POAM)
- Report on security status and security incidents
- Ensure event logs are reviewed at least daily or weekly
- Conduct Security Authorization document reviews
- Create and compile Authorization packages to include: Designation Letters, Security Plans, Contingency Plans, SOPs
- Conduct meeting with Government leadership and briefing on the State of Security for the systems in their purview
- Create/maintain Work Break Down structures in MS Project for each System
- Ensure the Configuration Management Database (CMDB) is continuously updated
- Coordinate with the appropriate operational group to accurately update the System Design
- Document for each IT system
- Assist in maintaining all configurations, architecture, installed software, accounts, data flows, ports, protocols, and other relevant data for each IT System and capture in design documents in MS Visio
- Provide oversight and guidance regarding requests to modify technical policies such as firewall rules, ports, protocols, etc. for each IT system
- Work with auditors to identify Key Controls which must be assessed on a recurring annual basis
Job Qualifications:
- This position requires US Citizenship due to our Federal contractual obligations
- BA/BS or higher preferred, in Computer Science, Information Systems, Software Engineering or other related analytical, scientific, or technical disciplines
- 10 years experience in IT security, including Certification and Accreditation and/or IT security risk analysis/advice, preferably in support of the Federal government
- CISSP and PMP preferred or required within the first 6 months
- Knowledge of Federal government C&A practices and policies, particularly ICS 503, FISMA, NISP SP 800-53, and DHS 4300
- Experience with information assurance tools preferred
- Experience vulnerability assessment scanning tools and reporting
- Previous Department of Homeland Security experience a plus
- Working knowledge of Ongoing Authorization with in the NIST Framework
Job Location: Washington, D.C.
Position Type: FullTime/ Regular
Security Requirement: Secret