IA/Security Engineer Senior with Security Clearance
Job Title: IA/Security Engineer Senior Job Description: The most security-conscious organizations trust our client to protect their vital IT assets. The reputation of our company rests on the quality of our solutions and the integrity of our people. Explore what you can bring to our solutions in the areas of cyber, cloud and enterprise security. Be a part of our client's culture and see what sets us apart! Our client offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment! This position is to perform enterprise Risk Management Framework A&A activities consistent with Information Systems Security Manager (ISSM) responsibilities. The candidate will be responsible to interview system owners, research product technical documentation and document security relevant information in Xacta RMF A&A packages. The candidate will be required to apply domain knowledge and collaborate with team leads and clients to translate functional needs into technical security solutions appropriately. The candidate will have the opportunity to interface with Risk Management Framework and other Cybersecurity practitioners including the Authorizing Official, Information System Security Officers, System Owners and Engineers to assist with the development of the Security Authorization documentation packages. This position will be based in Tysons Corner, VA Responsibilities: * Manages Analysts engaged in ensuring the safety of information systems assets and protection of systems from intentional or inadvertent access or destruction. * Provide support for a program, organization, systems or enclaves. Support the Agency RMF Workflow and Processes by proposing, coordinating, implementing and enforcing information system security policies, instructions, standards, and methodologies. * Coordinate with the Data Custodian, Project Owner, and ISSM to identify the types of information processed, assign the appropriate security categorizations to the information systems, determine the information security and privacy impacts, and manage information security and privacy risk. Document the controls in the information security and privacy plan (or equivalent document) to ensure implemented controls meet or exceed the minimal controls defined by CISO guidance. * Maintain current system information in XACTA (eg, POCs, artifacts) to support organizational requirements and processes (eg, communication, contingency planning, training, data calls) * Evaluate the impact of network and system changes using RMF processes. * Ensure anomalies identified under the Sponsor's Information Security Continuous Monitoring activities are addressed and remediated in a manner that commensurate with the risks posed to the system from the anomalies. * Submit recommendations to the stakeholders for system configuration deviations from the required baseline. * Develop and maintain a system security plan (SSP). * Conduct periodic reviews to ensure compliance with SSP. * Ensure configuration management for security relevant IS software, hardware and firmware are maintained and documented. * Ensure system recovery processes are monitored to ensure security features and procedures are properly restored. * Ensure all IS security-related documentation is current and accessible to properly authorized individuals. * Formally notify the appropriate individuals when changes occur that might affect authorization. * Participate in governance and project reviews identified by the Sponsor. * Strong documentation skills. * Experience with XACTA 360, Continuum and other SCAP Compliant tools. * Working experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, and STIGs. Job Requirements: * Current TS Clearance with Sensitive Compartmented Information (SCI) and Full Scope Polygraph * IT/Computer Science/Cyber Security Bachelor's Degree and 4 years relevant experience * Experience using a combination of IA and IT related skills, but the emphasis for this position is much higher on the I/RMF side versus IT/Systems Integration. Experience in a role or implementer within the Risk Management Framework Assess and Authorize (A&A) process is a must. * Experience developing, analyzing and maintaining System Security Plans and associated artifacts. * Experience developing, reviewing and maintaining Plan of Action and Milestone findings. * Desired Certifications: Certified Ethical Hacker 10 (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Systems auditor (CISA), NIST Cybersecurity Framework (NCSF), AWS Solutions Architect Associate or Professional as a cert qualification. Our client maintains a drug-free workplace and will conduct drug testing on all applicants who have accepted an offer of employment. Our client participates in the E-Verify program. Therefore, any employment with our client will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States. Our client offers excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future. Our client and its subsidiaries are an Affirmative Action/Equal Opportunity Employer encouraging women, minorities, individuals with disabilities, and veterans to apply. Job Type Full-Time Location Tysons Corner, VA Our client offers an excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future. Our client and its subsidiaries are an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.