Support to the Assessment and Authorization (A&A) Risk Management Framework process for all client managed systems, networks, and enclaves (all security domains); ensure validity and accuracy review of all associated documentation; support remote sites when required
Assist in centralization of A&A files/documentation and maintain files/library; ensure validity and integrity of all systems
Create, update, and delete entries in databases utilized for the tracking of system and network compliance
Ensure that all IA systems are properly documented with Configuration Management processes maintain the security accreditation status of systems/sites including the review of current documentation, site architectures and coordination with sites to ensure the documentation is accurate with the current site architecture, IAW Policy and processes
Perform, participate and support all assessment and authorization (A&A) efforts for systems, networks, and applications (all security domains) IAW DoD and IC requirements
Provide coordination for assessment metric submissions
Provide direct support in development of other A&A related systems bodies of evidence in accordance with current NIST, ICD, DIAD guidance, using the government provide A&A tool (i.e. XACTA)
Provide security engineering assessments of proposed IT solutions
Work in coordination with both internal and external systems administrators, configuration management, and network engineers to ensure proper configuration and adherence to security standards in regard to deployment actions
Serve as Security Controls Assessors for formal Security Test and Evaluation, Conduct of Security Certifications of (DoDIIS) systems/networks/sites assessing security control compliance, providing guidance regarding remediation and mitigation of identified vulnerabilities
Provide guidance on the application of security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements, reviewing and determining the adequacy of required documentation
Development of all supporting test reports and supporting artifacts and plan and action of milestones (POA&Ms) documenting open findings, preparation of formal authorization packages and oversight of the resolution of POA&Ms and development and maintenance of assessment and authorization enterprise schedules and metrics
Provide support for management and maintenance of assessment and authorization repositories
Perform security assessments at remote sites with collateral (includes, but not limited to, NIPR/SIPR) and/or TS/SCI AIS under the client's purview
Bachelor's Degree in Computer Science or a related technical discipline plus 10 years' experience, or the equivalent combination of education, professional training and work experience
Must possess current DoD 8570 IAT III level certification
Current active TS/SCI clearance, with the ability to obtain and maintain a CI polygraph