Senior Security Analyst / Senior Agency Liaison

Salary depends on experience
Posted on 11/15/17
11 - 15 years experience
Business Services

Overview:

 

The Program provides direct services to OCIO and agency IT and security personnel as Agency Liaisons, supporting a highly effective and agile Agency Liaison Support Services Program (ALSSP). The Agency Liaisons are Subject Matter Experts (SMEs) who continuously provide direct services, assistance, and guidance to OCIO and agency IT and security personnel to help them understand and implement USDA’s policy and procedures for USDA’s Risk Management Framework, which includes, but is not limited to, USDA’s Assessment and Authorization (A&A), Continuous Monitoring (CM), and Continuous Diagnostics and Mitigation (CDM) programs and processes. Agency Liaisons perform activities and tasks necessary to facilitate and ensure that OCIO and agencies meet or exceed FISMA compliance and USDA’s information security policies and procedures for all information assurance activities as mandated and In Accordance With (IAW) applicable FISMA law and other regulations, OMB mandates and applicable circulars, NIST standards and guidance, and USDA cybersecurity policy and procedures.

 

Position Description:

 

The Senior Agency Liaison shall be the senior security analyst for the Agency Liaison Services Support Program (ALSSP) and is the single point-of-contact for assistance, support, and resolution of activities, tasks, and issues of the overall program and for the agencies assigned to the Agency Liaison. This position requires interacting professionally and positively with OCIO and ASOC internal and external customers, such as clients, co-workers, associates, and other contractors, as well as agency IT and cybersecurity senior and support staff. The Senior Agency Liaison shall oversee the planning, direction, and timely execution of activities and tasks for the Mid-Level Agency Liaisons for the PWS.

 

Responsibilities

  • Serves as A&A Subject Matter Expert (SME) to OCIO and agencies by tracking, monitoring, and reporting on the status of all USDA IT Systems to ensure compliance with applicable FISMA law and other regulations, OMB mandates and applicable circulars, NIST standards and guidance, and USDA cybersecurity policy and procedures and USDA Risk Management Framework (RMF) Six Step Processes
  • Provides assistance and guidance to OCIO and agencies through identifying and resolving problems in an efficient and timely manner with A&A requirements, processes, and procedures; recognizing the proper course of action to take; and identifying, routing, and tracking issues for escalation and resolution to appropriate ASOC personnel, as specified by the Government
  • Provides training to OCIO and agencies, as needed, with the USDA Risk Management Framework (RMF) Six Step Processes; A&A requirements, processes, and procedures; and with relevant and supporting technologies or processes, such as, but not limited to, CSAM and the A&A Concurrency Review Process
  • Tracks, monitors, reviews, reports, and documents when OCIO and agency systems and major applications will require an A&A to be performed; reviews and discusses the planning process to initiate and complete the A&A; and facilitates and provides guidance to shepherd the A&A package to completion
  • Provides advisory services to OCIO and agencies promoting continuous improvement of their security posture; consults on the security posture of their systems; and works to ensure common understanding and expectations for security compliance for their systems
  • Provides assistance, guidance, and mentoring to OCIO and agency IT, security personnel, and key stakeholders, such as OCIO or agency System Owners, during all phases of the A&A process
  • Tracks, monitors, and reports on the Authorization to Operate (ATO) status for systems and applications to ensure that OCIO and agencies are planning and implementing activities and tasks to meet timelines and milestones for completing both A&A Phase 1 and Phase 2 activities and minimize and reduce the occurrence of ATO expirations
  • Reviews, tracks, monitors, and reports on OCIO and agency A&A relevant documentation for all systems and applications listed in CSAM to ensure compliance (or identify non-compliance), accuracy, completeness, and validity of documentation
  • Measures and tracks team performance in this metrics-driven organization
  • Provides team leadership with strong measurable results

Qualifications

  • Bachelor’s Degree in Computer Information Systems, Computer Networking, or related field or equivalent experience
  • Current IT Security Certification (e.g. CISSP, CISM, CAP, FITSP, etc.)
  • 10+ years experience and knowledge in IT and/or security operations and management, development and implementation, and administration and program management
  • 7+ years experience and knowledge of cybersecurity concepts, methods, best practices, tools, policies and laws as outlined by FISMA, OMB, NIST, DHS, and other government and non-government cybersecurity organizations
  • 5+ years experience in performing information security assessments as outlined in NIST Special Publications, including skills in identifying and analyzing security risks, developing and presenting findings and recommendations to IT and cybersecurity managers and their technical teams and staff
  • 3+ years experience as team leader and/or supervisor, including skills in providing leadership and coordination of teams, and leading and training a team of IT and cybersecurity specialists on organizational policies, procedures, and guidance
  • Experience and training in using Cyber Security Assessment and Management (CSAM) or equivalent tool used to assess, document, manage, and report on the status of IT security risk assessments and implementation of Federal mandated IT security control standards and guidelines
  • Excellent oral and written communication skills, attention to detail, ability to communicate highly technical requirements to a diverse audience across multiple mission areas on all aspects of the Agency Liaison Services Support Program, including skills in communicating new policy, guidance, or procedural requirements provided by OMB, NIST, DHS, and/or USDA
  • 1+ year of experience with team performance metrics, creating and measuring
  • Must be US Citizen

 
