Senior ATO Specialist

Fairfax, VA

The ATO Support Lead will provide support the Client in obtaining a provisional and full ATO for an Oracle Cloud Infrastructure migration. Security Authorization activities for the client will be in accordance with National Institute of Standards and Technology (NIST) 800 series, federal laws, policies, and regulations.

Required Experience:
5+years leading the following activities• Document that all application and data migrations follow the National Institute of Standards and Technology (NIST) Cybersecurity Frameworks• Document and self-assessment of all FedRAMP Moderate/High system security controls• Document application security control test results • Assist OCI Platform team in creating the boundary diagram• Create Security Tool Impact Assessment (Tools-SIA) for any tool that is not FedRAMP authorized within the boundary. • Create policies, artifacts for the ATO process.

Job Responsibilities
• Investigates computer and information security incidents to determine extent of compromise to national security information and automated information systems. • Defines security objectives and system-level performance requirements. • Researches and stays abreast of tools, techniques, countermeasures, and trends in computer network vulnerabilities. • Configures and validates secure systems, tests security products/systems to detect computer and information security weaknesses. • Maintains the computer and information security incident, damage and threat assessment programs. • Responsible for the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. • Involved in the periodic conduct of a review of each system's audits and monitors corrective actions until all actions are closed. • Designs, develops, or recommends integrated system solutions ensuring proprietary/confidential data and systems are protected. • Involved in the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. • Reviews processes and security protocols and makes recommendations for increased cyber security protection.

Minimum Qualifications

Bachelor's Degree in Computer Science or a related field or equivalent experience.

Relevant Work Experience:

5-10 years of experience in systems security.

Other Job Specific Skills
• Must be able to communicate effectively and clearly present technical approaches and findings.
• Exercises a limited degree of latitude in determining technical objectives of assignments.
• Excellent attention to detail.
• Must be able to balance multiple tasks simultaneously.
• Advanced knowledge of encryption, vulnerability assessment, penetration testing, cyber forensics, intrusion detection, and incident response and remediation.

U.S. Citizenship Required? Yes

COVID-19 VaccinationRequired: Yes

PhysicalDemands
Light office dutieswhich may include sitting for prolonged periods of time, viewing digitalscreens for prolonged periods of time, lifting up to 10 pounds, use of a deskor mobile phone, typing on a keyboard, writing with a pen, pencil, or stylus, etc.
EEO Requirements
It is the policyof ASM that an individual's race, color, religion, sex, disability, age, sexualorientation or national origin are not and will not be considered in anypersonnel or management decisions. We affirm our commitment to thesefundamental policies.
All recruiting, hiring, training, andpromoting for all job classifications is done without regard to race, color,religion, sex, disability, or age. All decisions on employment aremade to abide by the principle of equalemployment.
PhysicalRequirements
The physical requirements described in"Knowledge, Skills and Abilities" above are representative of those which mustbe met by an employee to successfully perform the primary functions of thisjob. (For example, "light office duties' or "lifting up to 50 pounds"or "some travel" required.) Reasonable accommodations may be made toenable individuals with qualifying disabilities, who are otherwise qualified,to perform the primary functions.
Disclaimer
The preceding jobdescription has been designed to indicate the general nature and level of workperformed by employees within this classification. It is not designedto contain or be interpreted as a comprehensive inventory of all duties,responsibilities and qualifications required of employees assigned to thisjob.