BACK
Job
Description:
Position Title: C&A SME Location: Raleigh, NC Status: Green Card Clearance: Ability to obtain Public TrustÔ
Our client has an opening for a Certification & Accreditation SME in Raleigh, NC.
Duties: -Providing Information Technology Security Certification and Accreditation (C&A) guidance. -Facilitating initial briefings and subsequent meetings of the C&A core team. -Coordinating the completion of a BIA for each information resource. -Working with the Privacy Office on privacy-related requirements. -Recommending security requirements to executive sponsors and portfolio managers during the BIA process based on generally accepted industry practices, the operating environment [e.g., hosted in the de-militarized zone (DMZ)], and the risks associated with the information resource. -Providing guidance on how information resources are vulnerable to threats, what controls and countermeasures may be appropriate, and the C&A process. -Reviewing and evaluating C&A documentation, including the BIA, Risk Assessment, Security Plan, Security Test and Evaluation (ST&E) plan and report, and independent reviews of the information resource. -Preparing the C&A Evaluation Report. -Escalating security concerns or forwarding the C&A Evaluation Report and supporting C&A documentation package to the certifier. -Work with the ISSO to complete C&A artifacts and sending the other required artifacts (e.g., TAD and security specifications for procurements) to the ISSO.
Education: -Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
Experience: 10 years of related experience in data security administration.
-10+ years' experience *Experience with a wide variety of NIST Special Publications *Experience with a wide variety of NIST FIPS Publications 10
Skills: -Government and industry best practices -Assessment of sensitivity and criticality -Configuration and change control -Risk assessment methodology -Business continuity management -Software security -Ongoing testing of controls -Incident management -Monitoring -Compliance -Defense in depth
Highly desirable experience: -A thorough understanding of the Information Resource Security Certification and Accreditation (C&A) processes. Managed the end-to-end C&A process for Business Applications and Infrastructure Systems -Secure software development -Security code review standards -Hardware security -Network security -Perimeter protection -Connectivity management -Remote access management -Secure enclaves -Virus and malicious code protection Intrusion detection and prevention Penetration testing Vulnerability scans and audit Encryption
p>
Job
ID |
8003 |
Job
Title |
C&A SME |
Job
Location |
Raleigh, NC |
Contract
Pay Rate |
- |
Annual
Pay Rate |
- |
#
Required |
1 |
Apply
To |
BDP@atr.com |
An Equal
Opportunity Employer M/F/D/V
BACK
|