Bachelor’s degree in Computer Science, Business Information Systems, Business, or equivalent is preferred.
3-5 years of Assessment and Authorization experience with FISMA, DSS and the DoD Risk Management Framework (RMF).
Current CISSP certification is preferred.
IAM Level 3 Certification (GSLC, CISM, or CISSP) or ability to obtain within 3 months.
Have or be able to obtain US security clearance up to the TS level
MSSP/SSP/NSP documentation and review experience in a FISMA/DSS/DoD environment
Demonstrated interpersonal effectiveness, strong verbal and written communications skills
Experience supporting both Windows and Linux operating environments (at least 1 year practical experiencedesired).
Previous experience managing and supporting FISMA and DSS/NISPOM related environments
Strong technical IT computer skills are desired.
Working knowledge of NISPOM and DD 254
Assist in developing and reviewing MSSPs/SSPs/NSPs submitted by ISSOs for authorization and accreditation
Experience working with government regulations, such as NISPOM and Risk Management Framework and related documents based on customer requirements
Comprehensive and hands on knowledge of the NIST Risk Management Framework (RMF) as detailed in NIST 800-37 and DSS Assessment and Authorization Process Manual (DAAPM)
Experience with implementing & supporting NIST 800-53
Experience supporting various system configurations (Stand Alone, Local Area Networks, Wide Area Networks)
Experience with certifying compliance and auditing the security aspects of various operating systems and applications
Experience writing and reviewing Interconnected Security Agreements (ISA), NetworkSecurity Plans (NSP), Memorandum of Agreement/Understanding (MOA/U)
Ability to handle difficult people and/or situations in high pressure environments and make tough decisions
Customer focused and excellent time management skills
Experience configuring systems for classified operations using STIGS and/or other classified compliance guidelines.
Technical understanding and working experience of various Operating system, networktechnologies and security applications.
Working knowledge of National IndustrialSecurity Operating Manual (NISPOM)
It is the responsibility of every Iron Mountain employee:
to comply with all applicable laws, rules, regulations, and company policies
to exhibit ethical behavior in accordance with our Code of Ethics and Business Conduct
to complete required training within the allotted time frame
Iron Mountain is an equal opportunity employer, and does not unlawfully discriminate on the basis of race, color, religion, sex, national origin, marital status, age, sexual orientation, gender identity characteristics or expression, disability, medical condition, U.S. Military or veteran status or other legally protected classifications in making employment decisions.
Requisition # 2018-17060