Bachelor's Degree in Computer Science or IT Engineering preferred; can substitute for four years of experience.
DoD 8570-01-M compliance with a Security Authorization Professional or System Security Engineer certification.
Prior experience in roles such as IT Risk Assessor or System Security Engineer is essential.
Thorough knowledge of information assurance principles and practices is required.
Certification in IAM Level II or CISSP (or Associate) is necessary.
Responsibilities
Identify security requirements for data protection and implement security controls.
Perform and analyze security planning, risk management, and control assessments.
Ensure Information Assurance (IA) functions are integrated into configuration management processes.
Collaborate with customers, IT staff, and executives to define IA objectives.
Contribute to the development of security architecture.
Assist in integrating legacy systems for security measures.
Prepare security authorization documentation for compliance.
Benefits
Opportunities for professional certification and training.
Dynamic work environment with direct interaction with IT and corporate leadership.
Contributions to important information security projects.
Engagement in the integration of cutting-edge technology in security measures.
Full Job Description
Clearance Required: TS/SCI
Other Requirements: U.S. Citizenship
Job Description:
Assists in identifying overall security requirements for the protection of data, to ensure the implementation of appropriate information security controls.
Assists in performing and analyzing the security planning, assessment, risk analysis, risk management process, security control assessments, and awareness activities for systems, and networking operations.
Provides assistance to ensure IA functions are included in the configuration management process.
Interacts with customers, IT staff, and high-level corporate officers to assist in defining and achieving required IA objectives for the organization.
Contributes to building security architecture.
Assists with the integration of legacy systems.
Contributes to the acquisition/RDT&E environment and building IA into systems deployed to operational environments.
Prepares security authorization documentation.
Required:
Ten years or related work experience.
A Bachelor's Degree in Computer Science or IT Engineering is desired and may be substituted for four years of experience; substitution of work experience is at the discretion of the COR.
DoD 8570-01-M compliance with Security Authorization Professional or System Security Engineer.
Previous work experience as one of the following: IT Risk Assessor, System Security Engineer, Information Systems Security Manager, or DAO; substitution for work experience is at the discretion of the COR.
Working knowledge of the following is required: system security design process, defense-in-depth/breadth, engineering life cycle, information domains, cross-domain solutions, controlled interfaces, identification, authentication and authorization, system integration, ICD 503 (formerly NISCAP), risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, security authorization process, principles of IA (confidentiality, integrity, non-repudiation, availability, access control), and security testing.
