IA Policy and Compliance Certified Professional - Senior
ISC has a need for an IA Policy and Compliance Certified Professional - Senior to support our government customer located in Fort Gordon, GA.
DESCRIPTION OF
Responsibilities:
Execute internal audits, SIEM, management, Incident response, configuration management, compliance studies, and change management oversight to establish a modified Cyber Security Service Provider function for a nonstandard network.
Assist in the administration of an effective Cyber Security program that involves providing management of organizational risk advice, guidance, and assistance.
Remain abreast on changes to Joint, DOD, and Army doctrine as it pertains to cyber security and risk management.
Stay current on up-to-date IT news regarding network security and future trends in Cyber Security (ex.
cloud computing security).
Provide all necessary support, including documentation, task coordination, artifacts, eMASS entries, ACAS Scans, STIGs, Log analysis, and other actions necessary to support approved customer TSPs and ATOs this includes successfully passing all cyber security inspections (No Notice, CCRI, DAIG, OIP, PII, PIA, Cyber Awareness month, TRADOC, etc).
Maintain the CCOE Training Networks security posture by ensuring delivery and compliance of continuous monitoring (ACAS scans) and STIG application/compliance.
Ensure that pre and post-accreditation mitigation occurs and is conducted after each scan is run and STIGs are reviewed.
Within 15 days of a CAT I finding a mitigation is executed and for CAT II/III finding the mitigation is completed within 45 days.
Ensure that any findings which are placed on a POA&M and are tracked through completion.
All STIGs (where applicable) are reviewed once per area/per device.
Provide an Executive Summary (EXSUM) outlining key points obtained from any meeting attended to the government.
Support the establishment, implementation, and operation of a continuous monitoring program throughout the customer secured systems.
Execute internal audits, SIEM, management, Incident response, configuration management, compliance studies, and change management oversight to establish a modified Cyber Security Service Provider function for a nonstandard network.
Conduct a comprehensive assessment of the management, operation, and technical cybersecurity controls employed within or inherited by an Information System (IS) to determine the overall effectiveness of the controls (i.
e.
, the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the Cybersecurity requirements for the system).
Provide an assessment of the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities.
REQUIRED DEGREE/EDUCATION/CERTIFICATION:
Must be Information Assurance Workforce (IAWF) Information Assurance Manager level III (IAM III) certified with at least one (1) baseline certification:
CISM; CISSP (or Associate); GSLC; or CCISO.
REQUIRED SKILLS AND
Experience:
At least 10 years of management experience.
Must be available by phone or email from 0730-1700, Monday thru Friday except Federal holidays or when the government facility is closed for administrative reasons.
REQUIRED CITIZENSHIP AND CLEARANCE:
Must be a US citizen.
Final Top Secret/SCI Clearance (cannot be interim).
Recommended Skills Administration Auditing Certified Information Security Manager Certified Information Systems Security Professional Change Management Cloud Computing Security Estimated Salary: $20 to $28 per hour based on qualifications.
DESCRIPTION OF
Responsibilities:
Execute internal audits, SIEM, management, Incident response, configuration management, compliance studies, and change management oversight to establish a modified Cyber Security Service Provider function for a nonstandard network.
Assist in the administration of an effective Cyber Security program that involves providing management of organizational risk advice, guidance, and assistance.
Remain abreast on changes to Joint, DOD, and Army doctrine as it pertains to cyber security and risk management.
Stay current on up-to-date IT news regarding network security and future trends in Cyber Security (ex.
cloud computing security).
Provide all necessary support, including documentation, task coordination, artifacts, eMASS entries, ACAS Scans, STIGs, Log analysis, and other actions necessary to support approved customer TSPs and ATOs this includes successfully passing all cyber security inspections (No Notice, CCRI, DAIG, OIP, PII, PIA, Cyber Awareness month, TRADOC, etc).
Maintain the CCOE Training Networks security posture by ensuring delivery and compliance of continuous monitoring (ACAS scans) and STIG application/compliance.
Ensure that pre and post-accreditation mitigation occurs and is conducted after each scan is run and STIGs are reviewed.
Within 15 days of a CAT I finding a mitigation is executed and for CAT II/III finding the mitigation is completed within 45 days.
Ensure that any findings which are placed on a POA&M and are tracked through completion.
All STIGs (where applicable) are reviewed once per area/per device.
Provide an Executive Summary (EXSUM) outlining key points obtained from any meeting attended to the government.
Support the establishment, implementation, and operation of a continuous monitoring program throughout the customer secured systems.
Execute internal audits, SIEM, management, Incident response, configuration management, compliance studies, and change management oversight to establish a modified Cyber Security Service Provider function for a nonstandard network.
Conduct a comprehensive assessment of the management, operation, and technical cybersecurity controls employed within or inherited by an Information System (IS) to determine the overall effectiveness of the controls (i.
e.
, the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the Cybersecurity requirements for the system).
Provide an assessment of the severity of weaknesses or deficiencies discovered in the IS and its environment of operation and recommend corrective actions to address identified vulnerabilities.
REQUIRED DEGREE/EDUCATION/CERTIFICATION:
Must be Information Assurance Workforce (IAWF) Information Assurance Manager level III (IAM III) certified with at least one (1) baseline certification:
CISM; CISSP (or Associate); GSLC; or CCISO.
REQUIRED SKILLS AND
Experience:
At least 10 years of management experience.
Must be available by phone or email from 0730-1700, Monday thru Friday except Federal holidays or when the government facility is closed for administrative reasons.
REQUIRED CITIZENSHIP AND CLEARANCE:
Must be a US citizen.
Final Top Secret/SCI Clearance (cannot be interim).
Recommended Skills Administration Auditing Certified Information Security Manager Certified Information Systems Security Professional Change Management Cloud Computing Security Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
