Information Assurance Officer

Information Assurance Officer

Information Assurance Officer
Share

Category: Information Technology
City: Linthicum, Maryland, United States
Position ID: J0112-0478 - Permanent Full Time

Position Description:

The individual will coordinate and oversee all aspects of the US Government certification and accreditation (C&A) process for Intelligence Community, DoD, SAR/SAP, or other customer information systems security programs located in NGC facilities, ensuring compliance with government and corporate security policies and procedures. Roles and Responsibilities: * System security to ensure compliance with DCID 6/3, ICD 503, DIACAP, and CNSS 1253 requirements and any other USG requirements as required. The candidate will perform the following duties:

? Oversee security infrastructure, and participate in formal certification, test, and evaluation activities
? Identify vulnerabilities and exploits and make recommendations to address deficient areas.
? Investigates and/or oversees the investigation of information compromises and security violations as they relate to accredited information systems processing classified information in client facilities and recommend corrective actions
? Candidate must have experience in Certification & Accreditation documentation (CTP, SSP, Security CONOP, Security Architecture, Privileged User's Guide (PUG), POA&M, SRTM, ISA, RMM, etc) and will be required to develop these documents.
? Candidate will work with technical program personnel and engineers to ensure development of compliant information systems security architectures, designs, and configurations to ensure development, transition, and delivery of accreditable architectures and systems
? Working with the clients Security organization, supports investigations of information systems compromises in client facilities, including those systems connected to the government?s networks
? Review system(s) security posture and audit logs periodically to ensure compliance with C&A documentation package
? Develop procedures for responding to security incidents and for investigating and reporting security violations and incidents as appropriate
? Develop and implement change management policy and procedures for authorizing use of hardware/software on an information system

Qualifications:

To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:

? 5 years of experience in Classified Information Systems Security
? Previous experience in drafting and submitting DCID 6/3, NISPOM, DIACAP, NSA C&A and JAFAN 6/3 System Security Plans, Privileged Users Guides, test requirements and developing a Risk Matrix
? Must possess technical knowledge of computer and network hardware and software systems, communications and connectivity.
? Knowledge of and implementation experience in applying USG C&A regulations, policies, and processes (e.g. DIACAP, JAFAN, NISCAP, DIACAP, DCID 6/3, ICD 5/7-series, NISPOM Chapter 8, etc.), particularly as they apply to the ISSM/ISSO roles and responsibilities, within a corporate environment. Examine potential security violations to determine if the Network Environment/ Computing Environment (NE/CE) has been breached, assess the impact, and preserve evidence.
? Support, monitor, test, and troubleshoot hardware and software IA problems pertaining to the NE/CE.
? Perform IA related support functions including installation, configuration, troubleshooting, assistance, and/or training, in response to agency requirements for the NE/CE.
? Analyze patterns of non-compliance and take appropriate administrative or programmatic actions to minimize security risks and insider threats. Manage accounts, network rights, and access to NE/CE systems and equipment.
? Analyze system performance for potential security problems. Assess the performance of IA security controls within the NE/CE.
? Identify IA vulnerabilities resulting from a departure from the implementation plan or that were not apparent during testing.

Education and Certifications

? Bachelor?s Degree in Information Systems or Computer Science; will consider related college credits plus 5 commensurate years of related work experience.
? Possession of CISSP or equivalent DoD 8570 IAM Level 2 certification is required

? Active TS/SCI security clearance

At CGI, we?re a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to professionals located in 125 offices worldwide. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. Come grow with us. Learn more at www.cgi.com.

This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.

We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted.

No unsolicited agency referrals please.

WE ARE AN EQUAL OPPORTUNITY EMPLOYER.

Skills: