Information Systems Security Officer - SECRET Clearance
-Identifies key stakeholders in the A&A effort for medical systems and networks and works with them to confirm that the system documentation reflects the current security configuration of the system, in terms of hardware and software components, data flow, interconnections, and ports, protocols, and services -Identifies potential risks associated with the configuration of the system and appropriate mitigation strategies -Conducts status meetings and determines next steps in moving the systems toward a successful accreditation effort -Works with the cybersecurity team to develop and implement the detailed test plan and review findings from self-assessment to determine readiness for independent assessment -Assist in drafting 'Authorization to Operate (ATO) packages for new and existing systems.
-Provide subject matter expertise in all cyber security initiatives and help in explaining new guidance.
-Draft documentation needed to announce new cyber security initiatives and participate building and implementing processes surrounding cyber security.
-Provide cyber security reports to DHA leadership, conduct scans and participate in the process to obtain ATO status for systems determined by DHA and/or MTF leadership.
-Complies with MTF cyber security program implementation plan, and ensures compliance with DHA management policies.
-Assists the system owners and system SAs in interpreting and applying mitigation strategies -Ensure compliance with data security policies and relevant legal and regulatory requirements in accordance with DHA directives and applicable Risk management Framework (RMF) requirements.
-Ensure appropriate changes and improvement actions are implemented as required.
-Ensure compliance with protection requirements, control procedures, incident management reporting, remote access requirements, and system management for all systems under scope.
Education:
BS degree in Engineering, Physics, Network Security, Information Systems or Computer Science.
Experience:
Six (6) years of experience in Engineering, Systems Analysis, Medical Systems, Information Assurance, Web Development, or Engineering Management to include:
Systems Analysis, Systems Architecture, Systems/Equipment Support, Test and Evaluation, and Logistics support of C4ISR requirements.
Three (3) years of technical experience in support of information assurance/network protection or virtualization projects.
Note:
Experience may be concurrent.
Advanced degrees substitute for experience as follows:
Ph.
D.
five (5) years of experience; MS two (2) years of experience.
Estimated Salary: $20 to $28 per hour based on qualifications.
-Provide subject matter expertise in all cyber security initiatives and help in explaining new guidance.
-Draft documentation needed to announce new cyber security initiatives and participate building and implementing processes surrounding cyber security.
-Provide cyber security reports to DHA leadership, conduct scans and participate in the process to obtain ATO status for systems determined by DHA and/or MTF leadership.
-Complies with MTF cyber security program implementation plan, and ensures compliance with DHA management policies.
-Assists the system owners and system SAs in interpreting and applying mitigation strategies -Ensure compliance with data security policies and relevant legal and regulatory requirements in accordance with DHA directives and applicable Risk management Framework (RMF) requirements.
-Ensure appropriate changes and improvement actions are implemented as required.
-Ensure compliance with protection requirements, control procedures, incident management reporting, remote access requirements, and system management for all systems under scope.
Education:
BS degree in Engineering, Physics, Network Security, Information Systems or Computer Science.
Experience:
Six (6) years of experience in Engineering, Systems Analysis, Medical Systems, Information Assurance, Web Development, or Engineering Management to include:
Systems Analysis, Systems Architecture, Systems/Equipment Support, Test and Evaluation, and Logistics support of C4ISR requirements.
Three (3) years of technical experience in support of information assurance/network protection or virtualization projects.
Note:
Experience may be concurrent.
Advanced degrees substitute for experience as follows:
Ph.
D.
five (5) years of experience; MS two (2) years of experience.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
