Vacancy expired!
Description
Expertise and Functions Provide the customer with Cybersecurity guidance and documentation throughout the system development life-cycle to include: providing guidance at meetings, briefings and design reviews, and during system development utilizing currently applicable cybersecurity regulations and policies Participate in all phases of the security authorization process Review and provide comments on Assessment and Authorization (A&A) documentation needed for customer initiatives to receive Authorities To Operate (ATO)s, ATOs with conditions, Interim Authority To Test (IATT), and Certificates of Networthiness (CON) Conduct Security engineering, implementation and validation, as well as facilitating request for waivers or other exceptions to policies based on tactical implementation of security domain requirements Review the design of hardware, operating systems, and software applications proposed for customer programs and provide comments as to whether the design adequately addresses cybersecurity security requirements and provides confidentiality, integrity, availability, authentication, and non-repudiation Properly mitigates identified threats/vulnerabilities Ensure the designated customer systems remain compliant with cybersecurity policy to include AR 25-2, Information Assurance, DoD Instruction (DODI) 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT), National Institute of Standards and Technology Special Publication (NIST) SP 800-37 Guide for Applying the Risk Management Framework to Federal Information Systems, and Intelligence Community Directive (ICD) 503, Intelligence Community Information Technology Systems Security Risk Management, the Committee on National Security Systems (CNSS) Instruction No. 1253, Security Categorization and Control Selection for National Security Systems NIST 800-53, Recommended Security Controls for Federal Information Systems and Organizations, USCENTCOM 25-28 process, and DISA Security Technical Implementation Guides (STIG) and shall keep pace with changing policies and mandates Other duties as assigned Requirements Qualifications Education/Training (both required and desired): Bachelor's Degree in relevant engineering or science discipline required Master's Degree preferred Certified Information Systems Security Professional (CISSP) required Experience: 12+ years of professional experience in the required task area with a Bachelor's Degree 8+ years of experience with a Master's Degree 5+ years of experience with a PhD Professional experience should include progressively complex cybersecurity design, development, integration, test, certification, and accreditation of security solutions for DoD or IC intelligence systems A minimum of one year experience in applying the Risk Management Framework (ICD 503) for the accreditation of DoD or IC Information Technology Systems Security: Must be a US citizen Active TS/SCI clearance requiredVacancy expired!