SMS is seeking an Information Assurance Security Specialist to join our team supporting the United States Coast Guard in Alexandria, VA. The Information Assurance Security Specialist is responsible for all Risk Management Framework (RMF) activities for implemented CDM technologies. You'll also work in a dynamic environment with other IA professionals using the latest technology.
As a dynamic systems integrator, SMS offers proven solutions in engineering, operations, cybersecurity, and digital transformation. With expertise in modernizing and optimizing legacy infrastructure and systems, ensuring operational efficiency, and designing, implementing, and managing secure environments, SMS supports business and mission goals with proficiency, quality, and integrity.
SMS has been serving the advanced information technology needs of the federal government since 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers’ missions for more than 40 years. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. For additional information on SMS, visit www.sms.com.
Submit your resume today.
ResponsibilitiesAs an Information Assurance (IA) Specialist, you will be a member of a team in our Assessment & Authorization (A&A) organization responsible for managing all Risk Management Framework activities for the United States Coast Guard (USCG). You’ll also work in a dynamic environment with other Information Assurance professionals.
More About the Role
The Information Assurance Specialist - will be responsible for the following:
Serve as a member and representative of assigned team for meetings and efficiently meet established milestones and targeted completion dates.Assist in Security Assessment & Authorization CoordinationPlan and conduct security authorization reviews of federal systemsManage and review Accreditation PackagesSupport USCG system accreditation and Ongoing Assessment and Ongoing Authorization processes and activities for assigned systems.Provide knowledge of Risk Management Framework (RMF) policy and application, NIST Security Controls, and Control Implementation methodologies for the A&A process.Review and provide guidance on System Security Plan, Security Assessment Report (SAR), and Plans of Action and Milestones and other security documentation.Support POA&M remediation activities and the review of POA&M closure documentation.Responsible for assessing and developing authorization packages for technical solutions that may require collaboration with internal expertise and deep analysis of the technical solution.Collaborative and communicates with parties within, and outside, of own job function. May have responsibility for communicating with parties external to the organization (e.g., customers, vendors, etc.Understands and supports Privacy Compliance Activities to include the review of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).Facilitates and monitors information assurance (IA) processes for new projects, including the development of security authorization packages and the tracking of progress for all Security Control implementations and Plans of Action and Milestones (POA&M).Support and/or development of all Security Authorization artifacts and documentation and assembling of Authorization packages.Responsible for administration and adherence of the Risk Management Plan.Coordinate closely with the Quality Assurance Specialists in identifying and mitigating risk to meet established quality standards. Qualifications University Degree (BA/BS) or equivalent experience and minimum 5 years related work experienceIAT II: At least one of the DOD 8750 IAT II certifications: CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCPCSSP-AU: At least one of the DOD 8750 CSSP Auditor certifications: CEH, CySA+, CISA, GSNA, CFR, PenTestRelevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands-on experience researching, writing, and submitting complete A&A documentation packages for new system authorizations.Well-developed understanding of Federal Civilian or DHS Security Assessment and Authorization (SA&A) processes.Experience with continuous monitoring/ongoing authorizationIntimate understanding of NIST RMF implementation guidance.In-depth understanding of the relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process.Experience assessing security controls based on cybersecurity principles and tenets. (e.g., NIST SP 800-53, Cybersecurity Framework, etc.).Demonstrated understanding of critical documentation required in Security Authorization (SA) Packages.Ability to understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).Experience managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results.Experience analyzing strategic guidance for issues requiring clarification and/or additional guidance.Understanding of the basic concepts and issues related to cyber and its organizational impact.Experience with administrative planning activities, to include preparation of functional and specific support plans and preparing and managing correspondence.These Qualifications Would Be Nice to Have:
Well-developed understanding of Systems Development Lifecycle (SDLC) and ideally the DHS Systems Engineering Lifecycle (SELC) process as it relates to Security Assessment and Authorization (SA&A)Hands on experience with eMASS or similar application.Clearance
Active DOD Secret clearance requiredCertifications
IAT Level II CSSP-AU: At least one of the DOD 8750 IAT III certifications: CASP+ CE, CCNP Security, CISA, CISSP (or associate), GCED, GCIH, or CCSP
SMS is a dynamic systems integrator established in 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers’ missions for more than 47 years. Our ability to hire and retain quality people in a rapidly evolving IT market is proven through our employee retention rate averaging over 3 years. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices, resulting in CMMI Level 3 certification and ISO registrations including 9001:2015, 20000-1:2018, and ISO/IEC 27001:2013. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States.
SMS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Options Apply for this job onlineApplyShareEmail this job to a friendRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed Application FAQsSoftware Powered by iCIMS
www.icims.com