CyberData Technologies is dedicated to complete customer satisfaction through delivering high quality and innovative services and solutions. Learn more about our certifications.
Technical Information Security Assurance Specialist
CyberData Technologies, Inc., an established technology solution provider based in Herndon, Virginia, is looking to expand its growing team. CyberData ranked 30th Fastest Growing Federal Contractors in Washington Technology 2008 Fast 50, and is an Inc. 500 company. Our employees are our greatest asset and we are committed to their professional development and growth. We provide competitive salaries, bonuses, generous benefit packages, and paid time off to balance work and personal commitments.
Job Location: Rockville, MD
Job Duties (include but not limited to):
Serve in the capacity of a Technical Information Security Assurance Specialist to assist in all facets of risk management and data protection across customer organization.
- Maintain information systems assurance and accreditation materials
- Perform enterprise-wide tracking of authorization and weakness requirements
- Track data calls on SharePoint for Security group
- Develop Standard Operating Procedures/Procedures for risk management team
- Manage and approve accreditation packages
- Monitor and evaluate a system's compliance with IT security, resilience, and dependability requirements
- Collect and maintain data needed to meet system IA reporting
- Identify security requirements specific to an IT system in all phases of the System Life Cycle
- Provide system related input on IA security requirements to be included in statements of work and other appropriate procurement documents
- Participate in continuous monitoring activities
- Assist with analyzing, developing, implementing, integrating, and maintaining secure Agency IT solutions.
- Support security analysis, assessments, guidance, reporting, reviews, and testing during the program life-cycle.
- Support the analysis, development, evaluation, and production of all information assurance cyber security compliance and performance reports.
- Strong communication and interpersonal skills with the ability to act as a resource for, provide customer service in a courteous manner to, and work effectively with diverse groups of people at various levels within an organization. Writing skills sufficient to compose and edit a variety of documents using correct spelling, grammar, and punctuation, with the ability to pay close attention to detail and proofread work carefully.
- Strong organizational skills sufficient to prioritize work and complete assignments accurately, either independently or as part of a team, under pressure of competing deadlines and with frequent interruptions, working from own initiative and/or following direction, policies, or procedures. Independently establish priorities and coordinate and complete assignments within established timeframes.
- Ability to identify customer needs and use analytical and decision-making skills to offer options and resolve problems in a variety of contexts
- Ability to effectively communicate technical issues, identify technical gaps, and the root cause or systemic issues across the agency
Job Qualifications (include but not limited to):
- Knowledge of Risk Management Framework requirements
- Knowledge of applicable laws (e.g., Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties and privacy laws, etc.), statuses (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed
- Knowledge of new and emerging IT and information security technologies
- Strong knowledge of FISMA regulation, FIPS standards, NIST 800 series, NIST Special Publications and other applicable guidance.
- Understanding of processes used to assess risk and establish security requirements and documentation to ensure that information systems possess security safeguards commensurate with the level of exposure to potential risk, as well as damage to assets or individuals.
- Understanding of measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. In-depth knowledge, skills, and abilities needed to enforce Information Assurance and Cybersecurity requirements, apply Information System Security (INFOSEC) methodologies and facilitate security assessment and authorization (SA&A) as well as continuous monitoring activities, such as vulnerability scans and security control assessments. Able to analyze and assess vulnerability scan outputs and provide feedback to CISO and system owner.
- In-depth knowledge of information assurance levels and risk impact thresholds in meeting applicable security policies, standards and requirements to ensure that accrediting authorities have the information necessary to make an objective authorization determination based on an acceptable level of risk. Employee should be able to analyze, evaluate, and assess information system security policies, processes and procedures necessary to ensure a comprehensive multi-disciplined assessment of technical and non-technical security features and associated safeguards.
- In-depth knowledge of System Security Plan, Contingency Plan and Testing, POA&Ms, Risk Assessment, and other security related documents. Employee should be able to assist ISSOs and/or system owners on addressing security controls and implementation methods in the SSP as well assist in contingency planning and testing, security control assessment and vulnerability scanning. Able to analyze, assess, control, determine, mitigate and manage risk within a federal management framework or within federal interest computer systems that store, process, display or transmit Personally Identifiable Information (PII). Able to identify, implement and integrate management and administrative risk methodologies for securing critical and sensitive information infrastructures and establishing standards necessary to help protect the confidentiality, maintain the integrity and ensure the availability of critical organizational computing resources.
- Up to five years of experience with Information Security, including conducting IT security assessments, SA&A, and continuous monitoring activities.
Please submit your resume in Word format with salary requirement to email@example.com. Principals only: NO 3rd PARTY, no employment agencies. No telephone calls please.
CyberData is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.