We currently have an opening for a seasoned Information Systems Security Professional in our Arlington, VA office. The successful candidate will have over 6 years’ experience performing duties as described, possesses at least one DOD certified security certification, preferably the CISSP and must possess an active Top Secret clearance with SCI eligibility. (Candidates without proper clearance will be immediately removed from consideration.)
SUMMARY:
The Information Systems Security Professional is familiar with NISPOM chapter 8, JAFAN 6/3, DCID 6/3, ICD 503, NIST 800-53, DISA Stigs, DJSIG, NISPOM Overprint, and RMF security regulations. Using this knowledge this position develops and maintains security plans and standard operating procedures, performs certification & accreditation activities, testing, validation, and compliance of information systems through technical reviews, self-inspections and system audits. This position also serves as the IT security technical expert. In addition to coordinating the verification, approval, and processing of all information systems documentation revisions while also tracking document activity to ensure timeliness and process efficiency.
KEY RESPONSIBILITIES:
Applies technical security measures and assurances to automated information systems necessary for the application of customer-furnished guidance and/or specifications to safeguard classified information.
Maintains knowledge of technical and non-technical security regulations and interprets regulatory requirements.
Performs moderately complex IT technician and system administration duties, as required.
Coordinates with IT staff to ensure the continued compliance and secure operation of Government-accredited information systems, in addition to overall program success and the support of company missions.
Drafts and maintains technical and non-technical information systems documentation in collaboration with security management personnel.
Performs information systems technical audits and reviews, self-inspections, system validations and updates meeting required deadlines.
Manages and contains data spills.
Investigates, resolves, and recommends corrective action(s) and/or solution(s) for routine system or end user anomalies through standard industry methods, to include digital forensics.
Trains and mentors junior members of the security team.
Regularly interfaces with program management, external customers and DSS Security Representatives regarding standard security requirements, guidance for implementation, documentation requirements, and classification management.
Configures and hardens computers as part of the information system certification process.
Participates and collaborates in customer security inspections.
Ability to write (M)SSPs and AIS plans and effectively communicate the requirements.
Ability to create and maintain POA&M’s, PUGs and other
Provide annual IA training.
Ability to manage time, make sound decisions, take independent action, analyze problems, and provide focused solutions.
High degree of attention to detail.
Possibility to travel to customer sites and other Areté locations.
Provide support for classified meetings.
Ability to work closely with Areté internal Security and IA staff.
QUALIFICATIONS:
BA/BS and 6+ years of experience; MA/MBA and 4+ years of experience
DoD 8570 compliant IAM Level III Industry standard technical certifications, prefer CISSP, CISM, or Security+
LINUX certification a plus
Must be a United States citizen
Typical Skills/Abilities
Strong verbal, interpersonal and written communication skills
Working knowledge of scanning tools such as, WASSP and SecScan
Working knowledge of windows group policy security settings and hardening requirements for windows 7, server 2003, 2008, 2012
Working knowledge of Linux systems and hardening requirements
Expert knowledge of MS Office, and Visio
Knowledge of SIPRNET and JWICS is a plus
Scripting knowledge is a plus (Batch, VB, Powershell, or Linux)
Ability to work independently on assigned tasks as well as take direction on given assignments; ability to work in a matrixed environment
SUMMARY:
The Information Systems Security Professional is familiar with NISPOM chapter 8, JAFAN 6/3, DCID 6/3, ICD 503, NIST 800-53, DISA Stigs, DJSIG, NISPOM Overprint, and RMF security regulations. Using this knowledge this position develops and maintains security plans and standard operating procedures, performs certification & accreditation activities, testing, validation, and compliance of information systems through technical reviews, self-inspections and system audits. This position also serves as the IT security technical expert. In addition to coordinating the verification, approval, and processing of all information systems documentation revisions while also tracking document activity to ensure timeliness and process efficiency.
KEY RESPONSIBILITIES:
Applies technical security measures and assurances to automated information systems necessary for the application of customer-furnished guidance and/or specifications to safeguard classified information.
Maintains knowledge of technical and non-technical security regulations and interprets regulatory requirements.
Performs moderately complex IT technician and system administration duties, as required.
Coordinates with IT staff to ensure the continued compliance and secure operation of Government-accredited information systems, in addition to overall program success and the support of company missions.
Drafts and maintains technical and non-technical information systems documentation in collaboration with security management personnel.
Performs information systems technical audits and reviews, self-inspections, system validations and updates meeting required deadlines.
Manages and contains data spills.
Investigates, resolves, and recommends corrective action(s) and/or solution(s) for routine system or end user anomalies through standard industry methods, to include digital forensics.
Trains and mentors junior members of the security team.
Regularly interfaces with program management, external customers and DSS Security Representatives regarding standard security requirements, guidance for implementation, documentation requirements, and classification management.
Configures and hardens computers as part of the information system certification process.
Participates and collaborates in customer security inspections.
Ability to write (M)SSPs and AIS plans and effectively communicate the requirements.
Ability to create and maintain POA&M’s, PUGs and other
Provide annual IA training.
Ability to manage time, make sound decisions, take independent action, analyze problems, and provide focused solutions.
High degree of attention to detail.
Possibility to travel to customer sites and other Areté locations.
Provide support for classified meetings.
Ability to work closely with Areté internal Security and IA staff.
QUALIFICATIONS:
BA/BS and 6+ years of experience; MA/MBA and 4+ years of experience
DoD 8570 compliant IAM Level III Industry standard technical certifications, prefer CISSP, CISM, or Security+
LINUX certification a plus
Must be a United States citizen
Typical Skills/Abilities
Strong verbal, interpersonal and written communication skills
Working knowledge of scanning tools such as, WASSP and SecScan
Working knowledge of windows group policy security settings and hardening requirements for windows 7, server 2003, 2008, 2012
Working knowledge of Linux systems and hardening requirements
Expert knowledge of MS Office, and Visio
Knowledge of SIPRNET and JWICS is a plus
Scripting knowledge is a plus (Batch, VB, Powershell, or Linux)
Ability to work independently on assigned tasks as well as take direction on given assignments; ability to work in a matrixed environment