| Location | |
| Country: | United States |
| State/Prov: | Virginia |
| City: | Arlington |
| Position | |
| Position/Title: | Certification & Accreditation Engineer |
| Position Type: | Permanent F/T |
| Closing Date: | 2009-08-21 |
| Job Description: |
ISSO II (522) Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Must be clearable to the Top Secret level. 1. Must develop and implement documentation outlining system operating environment, to include the overall mission, floor layout, hardware configuration, software, type of information processed, user organizations and security clearances, operating mode, interconnections to other systems/networks of users, their security personnel, and associated responsibilities; 2. Assist in the development and maintenance of the overall system security document, the Information System Security Plan, which contains all necessary security procedures, instructions, operating plans, and guidance. 3. Participate in the development or revision of System-specific security safeguards and local operating procedures that are based on the above regulations. 4. Provide IT security consulting to system owners as to the other security documents, for example, security incident reports, equipment/software inventories, operating instructions, technical vulnerability reports, and contingency plans. 5. Provide expertise in classified and unclassified ratings to customers. 6. Work closely with Certifiers to navigate the TSA Certification & Accreditation process and produce all appropriate accreditation documentation. 7. Attend monthly ISSO training course at TSA Headquarters. 8. Perform monthly vulnerability assessment scans of assigned systems using Tenable Nessus and similar tools, as appropriate. 9. Participate in Change Control Boards, as needed, to monitor, review and provide feedback on proposed changes to systems supported by this role. 10. Interact with all levels of management, including System Owners, CISO, DAA, and service providers, as needed, to ensure that appropriate security measures are in place for their systems. |
| Job Requirements: |
The ISSO is the principal point of contact for information assurance activities at the IT system level. The ISSO is responsible for ensuring that management; operational and technical controls for securing either National Security Systems or SBU level IT Systems are in place and are followed. This includes ensuring that appropriate steps are taken to implement information security requirements for IT systems throughout their life cycle, from the requirements definition phase through disposal. It is preferred that this person be a current CISSP, CISM, or possess a similar security professional certification. Strong relevant experience and education can substitute for these certifications. Candidates must possess a B.S. degree and 2 years relevant experience or 4 years of relevant IA experience with no degree. Candidates must possess experience with vulnerability scanning and assessments. The tools used by this customer are Nessus, AppDetective, WebInspect and ISS, so should have experience with these or similar tools. There is a slight chance of up to 10% domestic travel to locations where the system is hosted if issues arise. |
| Contact Information | |
| Contact Directions: | http://www.cytiva.com/kcg/apply2.asp?kcg?kcg522?pcoleridge? |
| Company: | Knowledge Consulting Group |
| First Name: | Paul |
| Last Name: | Coleridge |
| Title: | Sr. Recruiter |
| Email: | paul.coleridge (at) knowledgecg (dot) com [email concealed] |
