Subject Matter Expert - Information Security

Washington, DC
Jul 17, 2017
Aug 07, 2017
IT, Security Engineer
Full Time
Job Description Responsibilities: In addition to the technical duties outlined below, the candidate will be expected to: Serve as the IT Security Team's primary point of contact with the client Serve as a manager for the IT Security Team providing coaching, mentoring, and direction for the prime and sub-contractor staff Direct the day-to-day activities of a security team in collaboration with the government lead. Ensure that ticket queues are monitored and that SLAs are met by the security team SME will: Support scheduled audits and compliance reviews As requested by the Office of inspector General (OIG), assist on investigative matters, related to information security Coordinate with agencies and System Owners and provide guidance and oversight during OIG audits Prepare scheduled FISMA reports and other required Federal reports. Conduct PO&AM reviews, oversight and reporting Conduct Privacy Impact Assessments Coordinate data collection, analysis and reporting for IT Security Data Calls, FOIA Requests, Incident reports and other types of data calls that may be necessary Provide necessary leadership, execution and support of compliance activities related to Federal Information Technology security mandates including but not limited to: Federal Information Management Security Act (FISMA), Federal Information System Control Audit Manual (FISCAM), Federal Information Technology Acquisition Reform Act (FITARA), Presidential Directives (PD) 63 and 67, Public Law 100-235, Office of Management and Budget (0MB) A-123, 0MB A-127, and 0MB A-130 Perform security assessments Develop, review, and update Certification and Accreditation (C&A) packages and Authority to Operate (ATO) documentation for systems hosted and owned by OCIO Maintain and manage the required systems security documentation on the - Cyber Security Assessment and Management (CSAM) system. Minimum documentation includes, but is not restricted to: o System Categorization Worksheets (SCW) o Privacy Impact Assessments (PIA) o Security Control Assessments (SCA) o System Security Plans (SSP) o Risk Assessments (RA) o Contingency Plans (CP) and testing o FIPS 199 Security Categorization o Security Control Test & Evaluation (SCT&E) o Certification o Disposition plans o Annual and Quarterly Security Documentation review and testing o ATO certifications and re-certifications o Security Self Assessments (SSA) o Memoranda of Understanding (MOU) o Interconnection Security Agreement(s) Assist departmental agency system owners and representatives with use of CSAM as it pertains to the management of their system's security documentation. Coordinate with the departmental agency staff as necessary to provide guidance on the process of conducting risk analysis and computer security reviews, security assessments, the preparation of Disaster Recovery Plans in the Continuity of Operations (COOP) plans, security plans, and the processes involved in the required activities for the Certification and Accreditation of Major Information and General Support Systems (MIS/GSS) On a quarterly basis, conduct reviews on Information Systems security documents for all OCIO hosted systems to minimally include: o Plan of Action & Milestones (POA&Ms) o Security Control Test & Evaluation (SCT&E) Develop IT security policies, procedures and standards as requested Review system security documentation Conduct System Owner training on a regular basis Manage the Computer Security Awareness Training project and associated documentation Manage the Role Based Training project Develop, review, update and publish Rules of Behavior Conduct training on various departmental and agency activities and processes that support the risk management and security posture of the department and departmental agencies Manage day-to-day Security Operations Develop, establish and support a Security Operations Center Develop policies and procedures to ensure agency's compliance with departmental policies, federal law and regulations Develop and implement information sharing regarding cyber security best practices and common vulnerabilities Prepare and publish monthly cyber security newsletters Conduct, as needed, system penetration testing, vulnerability assessment, and security risk analysis Support process, technical and R&D activities Conduct research of new technologies, systems and processes to make recommendations on the enhancement of the agency security posture Perform research and preliminary proof-of-concept testing of security tools Serve as the System Owner liaison Perform incident response activities Lead the incident response team Conduct incident response activities to include investigation, containment, and mitigation of undesired activities that pose a risk to the Department's IT assets Prepare and submit SAR responses Perform audit log, firewall, forensic reviews Analyze events and correlation to specific incidents

Similar jobs