We are seeking an information system security representative for our mission-critical customer in Vienna, VA.
- Ensure that FBI ISs are operated, maintained, and disposed of in accordance with the internal security policies and practices outlined in the approved Security Assessment and Authorization (SAA) package Define IS and Network Environment security requirements in accordance with applicable cybersecurity requirements.
- Manage the SAA process for new FBI ISs and legacy FBI ISs migrating into the GRC application Design and develop cybersecurity-enabled products for use within an IS and Network Environment.
- Provide baseline security controls to the system owner, contingent upon the IS’s security categorization, type of information processed and entity type.
- Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems’ impact levels and ISs’ authorization boundary.
- Ensure that new entities are created in the GRC application with the security categorization of FBI ISs.
- Initiate, coordinate, and recommend to the FBI Authorizing Official all Interconnection Security Agreement (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an FBI IS with any non-FBI or joint-use IS.
- Perform an independent review of the System Security Plan (SSP) and make approval decisions.
- Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the FBI Authorizing Official.
- Schedule security control assessments in coordination with the system owner.
- Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the FBI Authorizing Official for a security ATO decision.
- Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number.
- Advise the FBI Authorizing Official of IS vulnerabilities and residual risks.
- Ensure that all POA&M actions are completed and tested.
- Coordinate initiation of an event-driven reauthorization with the FBI Authorizing Official.
- Ensure the removal and retirement of FBI ISs being decommissioned, in coordination with the SO, ISSO, and ISSR.
- A bachelor’s and/or advanced degree in computer science, business management, or IT-related discipline is preferred.
- At least 7 years serving as an ISSR at a cleared facility.
- Minimum of 10 years work experience in a computer science or Cybersecurity related field.
- Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 IAM Level III proficiency.
- Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications.