Risk Management Lead                                           Job# JAPOC0078

Location: NW Washington, DC

Clearance: Ability to attain a Public Trust
Salary: $110,000-$125,000 

Position Responsibilities

  • Conduct security authorization packages based on NIST standards for general support systems and major applications

  • Provide appropriate FIPS 199 impact level designations and identify appropriate security controls based on characterization of the general support system or major applications

  • Conduct Security Impact Analyses (SIAs) on all changes that require them

  • Prepare comprehensive assessment & accreditation (A&A) packages

  • Develop and maintain plan of action and milestones (POA&M)

  • Understanding of engineering implementations and enterprise information system flows

  • Proactively mitigate network and operating system vulnerabilities and recommend compensating controls

  • Support the deployment and integration of security tools

  • Analyze and recommend solutions for information security problems based on experience and security best practices for major information system products and services

 

Position Requirements

  • Minimum 7 years of IT work, 5 years’ experience in Security Engineering and A&A in Federal government IT environments

  • Familiarity with OMB and FISMA mandates surrounding Information Security.

  • Understanding of Network, Platform and Application Layer Security implementations

  • Sound understanding of all FIPS and NIST Special Publications, including FIPS 199, 800-18, 800-30, 800-37, 800-39, 800-53, 800-60, 800-100, 800-115 and 800-137

  • Familiarity with common Security tools – Multi-Factor Authentication, SIEM, NAC, Web Application Firewall, MDM, Nessus, Retina, ForeScout, App Detective, DB Protect, Fortify, Hailstorm, Microsoft Active Directory & Group Policy, etc.

  • Excellent oral and written communication skills

  • Candidates must be able to work on-site at a Federal Agency located in Washington, DC and must be able to pass a U.S. Federal government background investigation and obtain a client badge

  • Bachelor's degree in Information Systems, related discipline or equivalent experience

  • CISSP, CISM, CAP or similar industry certification preferred.

To apply, send resume to Norris@FlexSR.com

Attn RML (JAPOC0078)

 

www.CyberSecSource.com