Summary: Vector Planning & Services (VPSI) presents an exciting opportunity for a systems engineer with experience in IA certification and accreditation.
Primary Responsibilities:
ย ย ย ย ย ย Providing leadership, team coordination, and subject matter expertise in preparing and validating Certification and Accreditation (C&A) packages. This includes DIACAP or RMF accreditation package and artifact generation, planning and executing security test and evaluation (ST&E), analyzing test results, drafting Risk Assessment Reports (RAR), C&A Plans, Plan of Actions and Milestones (POAM's), crafting mitigation statements, eMASS entry, and any other documents that are required as part of the NIST 800-53 and 800-37 Information Assurance (IA) Control and Risk Assessments
ย ย ย ย ย ย Review security requirements, products, configurations and IA architectures for compliance with DoD policies
ย ย ย ย ย ย Perform penetration testing, analyzing systems for STIG compliance
ย ย ย ย ย ย Develop and execute security test plans and assessing the IA risk of IT systems.
ย ย ย ย ย ย Participate in collaboration meetings; act as a trusted agent to program managers and IA practitioners and track critical IA processes
ย ย ย ย ย ย Maintain and update Technical Standards, checklists, guidelines, and instructions based on new DoD/DON/industry policies and instructions.
ย ย ย ย ย ย Coordinate with government engineers to oversee, maintain, develop, and implement technical standards within the Human Factor Domain.
ย ย ย ย ย ย Provide security related advice and assistance to system engineers and program managers on security related matters and develop security related procedures, policies, and technical recommendations, as required
ย ย ย ย ย ย Provide System Engineering support with acquisition programs of record, including in-depth review of engineering documentation.
ย ย ย ย ย ย Review how programs plan to ensure human capability is factored into total system performance in the software acquisition process and the systems engineering lifecycle of all NAVWAR systems.
ย ย ย ย ย ย Conduct independent assessments at technical program elements (e.g., systems engineering technical reviews, milestone decision reviews, certification events, and independent reviews) and develop Risk, Issue and Opportunity (RIO) assessments.
ย ย ย ย ย ย Review Manpower Personnel Training & Education requirements in conjunction with program requirements.
Qualifications/Skills/Minimum Qualifications:
ย ย ย ย ย ย Current Secret level clearance
ย ย ย ย ย ย Experience in assessing a network and/or systems using IA automated tools such as Nessus, SCAP, and any applicable Security Technical Implementation Guides (STIGs) in accordance with DISA requirements
ย ย ย ย ย ย Knowledge of DoD 8510.01 and the Department of Navy DIACAP Handbook and experience developing Certification and Accreditation (C&A) documentation
ย ย ย ย ย ย Knowledge of the Department of Navy (DoN) RMF Process Guide.
ย ย ย ย ย ย In depth knowledge and experience with the NIST 800 series
ย ย ย ย ย ย Must be familiar with EMASS and C&A package entry
ย ย ย ย ย ย Familiarity with ACAS, VRAM, HBSS and WSUS
Education and Certifications:
ย ย ย ย ย ย Bachelor's degree in Computer Science or a related technical field
NQV certification required