Information Assurance Engineer - Security Lead at Computer World Services (CWS) Corporation

Posted in Other 2 days ago.

Location: Falls Church, Virginia





Job Description:


Serves as the Information Assurance Security Lead for a large, complex task and will direct the execution of system security activities ensuring compliance with Federal regulations and DHS policy. Provides support for facilitating and helping the agency identify its current security infrastructure and define future programs, design and implementation of security related to IT systems. The Information Assurance Security Lead also oversees the efforts of security staff to design, develop, engineer and implement solutions to security requirements. The Lead would be responsible for the implementation and development of the DHS IT systems security. Gathers and organizes technical information about an organization's mission goals and needs, existing security products, and ongoing programs. Supports customers at the highest levels in the development and implementation of doctrine and policies.

Working knowledge of the following areas is required:

* Federal security requirements or equivalent processes for certification and accreditation, vulnerability scanning and remediation, contingency planning, and interface connection documentation.

* ArcSight

o Responsible for reviewing, documenting and researching ArcSight alerts.

o Monitoring effectiveness of alerts and recommending rule modification when required.

o Performing impact analysis, investigations and conducting weekly status meetings with the government and ArcSight SMEs to report related statistics as required to quickly identify potential cyber-attacks, material weaknesses and vulnerabilities.

* Change Request (CR) Security Reviews

o Assessing CRs from a technical security perspective in conjunction with review boards to ensure changes do not introduce new security concerns.

o Providing weekly/monthly updates to the tracking repository to maintain historical information, running totals and reporting results to the client.

* Risk Management

o Must demonstrate an understanding of business security practices and procedures and familiarity

o Identify and analyze potential threat activity

o Harden the configuration of devices and networks utilizing DOD Best Practices

o Identify and report unresolved security exposures with mainstream risks associated with commercial products and current Internet/EC technology.

* Hardware/software security implementation, different communication protocols, encryption techniques/tools.

o Familiarity with commercial products, and current Internet/mobile technology.

* Certification and Accreditation (C&A)

o Ability to support C&A, continuous diagnostics and mitigation and related initiatives.

o Experience creating and resolving POA&Ms

* Documentation

o Developing and maintaining documentation for security systems and procedures

o Experience in developing System Security Plan, Contingency Plan, Incident Response Plan and Continuous Monitoring Plan

Key Tasks and Responsibilities

* Lead assigned security tasks to successful completion.

* Performs risk analyses, which also include risk assessment.

* Directs and controls activities for clients, methods, and staffing to ensure that technical requirements are met.

* Developing deliverables associated with FISMA security package including but not limited to: System Security Plan, Contingency Plan, Incident Response Plan and Continuous Monitoring Plan

* Work to complete ATO packages compliant with NIST guidelines

* Adhere to NIST Risk Management Framework (RMF) to support analyzing development of supporting policies, procedures and plans

* Adhere to NIST RMF for implementation of security controls and analyzing corrective action plans

* Work with the System Owners, ISSOs and other stakeholders to complete assessment reports

* Track and update POA&M entries

* Analyze IT security events to distinguish events that qualify as security incidents as opposed to non-incidents

* Maintain working knowledge of network communications, routing protocols and common internet applications/standards

* Maintain information system inventories

* Perform SIEM monitoring and analysis

* Ability to serve as Information System Security Officer.



Required Education & Experience

* Bachelor's Degree or higher and 10 years of related experience

The ideal candidate should be able to demonstrate working knowledge with several of the following concepts or technologies:

* FISMA security experience for large scale information technology and database systems that utilize C++, Java, PL/SQL, Go, Python, Ruby, and C# programming languages

* Security Information and Event Management tools (e.g. ArcSight, Splunk, etc.)

* Firewall Devices/Platforms (e.g. Palo Alto, Cisco ASP)

* Firewall Rule Reviews and Rule Analysis

* Enterprise Risk Assessments, security strategy and cloud computing terminology (e.g. AWS)

* CSAM

* Amazon Web Services (AWS)

Certification Requirements

* Certified Information Security Professional (CISSP) is required

* Certified Cloud Security Professional (CCSP) is preferred

Clearance Requirements

* Candidate must be a US Citizen, possess DHS Suitability background investigation or be eligible to qualify for DHS Entry of Duty background investigation followed by DHS Public Trust Clearance

Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)

* None

Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.

Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Aaron McClellan in Human Resources at 314.952.5138 or amcclellan@cwsc.com.