Senior ISSO - TS/SCI CI Poly

• Lead the RMF process for assigned Cross Domain appliances withing DIA Enterprise networks.
• Maintain and report system’s Assessment & Authorization (A&A) status and events.
• Manage the System Security Plan (SSP) for assigned Cross Domain systems throughout their lifecycle.
• Perform annual security reviews, annual testing of security controls, and annual testing of the contingency plan, in line with FISMA requirements.
• Ability to understand Service Central to monitor project requests required to initiate new change requests.
• Manage POA&M entries and ensuring vulnerabilities are properly tracked, mitigated, and resolved.
• Assist with identification of the security control baseline set and any applicable overlays.
• Ability to communicate relevant changes to the Security Control Assessor (SCA)
• Assemble the Security Authorization Package and submit for adjudication.
• Register and maintain the system in XACTA.
• Plan and perform cybersecurity testing to assess security controls and recording security control compliance status during sustainment.
• Report changes in the security posture of systems to the Authorizing Official (AO).
• Utilize the Collaboration Board in XACTA workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).
• Assist the ISSMs in executing their duties and responsibilities.
• Ensure all users possess the requisite security clearances and awareness of their responsibilities for systems under their purview prior to being granted access.
• Ensure an incident response, business continuity, disaster recovery, as well as vulnerability and threat reporting plans and channels are in place and that team members are trained accordingly.
• Ensure relevant policy and procedural documentation is current and accessible to properly authorized individuals.
• Utilize the Collaboration Board in the XACTA workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).

Requirements:

• TS/SCI w Counter Intelligence Polygraph required
• Must meet DoD 8570/8140 Certifications (i.e. IAM Level II/III or IAT II/III).
• Well versed with using vulnerability assessment tools (ACAS, NESSUS, etc.) and analyzing the results generated from these assessments.
• Demonstrated experience writing information system security control documentation (SSPs, POA&Ms, PTAs, PIAs, CMPs, CPs and IRPs).
• Knowledge of Risk Management Framework (RMF) information security engineering, design concepts and principles.
• Support annual assessments in accordance with guidance in the DIA Enterprise standards.
• Basic understanding of VMware.
• Ability to use MS Office, Analytical and Critical Thinking Skills,
• Proactively create, monitor and update the status of POA&Ms to ensure weaknesses are resolved in accordance with their scheduled completion dates;
• Respond to emerging requirements or policies as set by legislation, regulation or policy;
• Experience supporting systems hosted in Cloud environments.
• Conduct Contingency Plan tests at least annually and updating the plan;
• Maintain knowledge of inventory in accreditation boundary;
• Oral and written communication skills;
• Interpersonal and People Skills.