Risk Management Lead Job# JAPOC0078
Location: NW Washington, DC
Clearance: Ability to attain a Public Trust
Salary: $110,000-$125,000
Position Responsibilities
- Conduct security authorization packages based on NIST standards for general support systems and major applications
- Provide appropriate FIPS 199 impact level designations and identify appropriate security controls based on characterization of the general support system or major applications
- Conduct Security Impact Analyses (SIAs) on all changes that require them
- Prepare comprehensive assessment & accreditation (A&A) package
- Develop and maintain plan of action and milestones (POA&M)
- Understanding of engineering implementations and enterprise information system flows
- Proactive mitigation of network and operating systems vulnerabilities and recommending compensating controls
- Supports the deployment and integration of security tools
- Analyze and recommend solutions for information security problems based on experience and security best practices for major information system products and services
Position Requirements
- Minimum 7 years of IT work, 5 years’ experience in Security Engineering and A&A in Federal government IT environments
- Familiarity with OMB and FISMA mandates surrounding Information Security
- Understanding of Network, Platform and Application Layer Security implementations
- Sound understanding of all FIPS and NIST Special Publications, including FIPS 199, 800-18, 800-30, 800-37, 800-39, 800-53, 800-60, 800-100, 800-115 and 800-137
- Familiarity with common Security tools – Multi-Factor Authentication, SIEM, NAC, Web Application Firewall, MDM, Nessus, Retina, ForeScout, App Detective, DB Protect, Fortify, Hailstorm, Microsoft Active Directory & Group Policy, etc.
- Excellent oral and written communication skills
- Candidates must be able to work on-site at Federal Agency located in Washington, DC and must be able to pass a U.S. Federal government background investigation and obtain a client badge
- Bachelor's degree in Information Systems, related discipline or equivalent experience
- CISSP, CISM, CAP or similar industry certification preferred
To apply send resume to Norris@FlexSR.com
Attn RML (JAPOC0078)