Cybersecurity, Governance Risk Management And Compliance, Information Assurance, NIST, Risk Management Framework, Security Controls, System Configuration, U.S. Federal Information Security Management Act, Risk Management
Mid-level (3-4 years) - Senior (5-8 years)
United States
OBXtek is a relationship-driven information technology and diversified professional services company.
420+ employees
Cyber Security, Consulting, Enterprise, IT
What the job involves
Work as an information system security subject matter expert (SME) on FISMA, NIST standards and guidelines, the Privacy Act, HIPAA, E-Gov, OMB Circulars A-11 and A-130, and Clinger-Cohen for data and application security
Responsible for Assessment and Authorization (A&A) activities for Consular Affairs / Consular Systems and Technology (CA/CST) automated information systems (AIS)
Provide A&A support for domestic and overseas deployed systems as well as A&A activities on cloud systems (IaaS, SaaS and PaaS)
Track and report the status of assigned A&As and report any obstacles impacting A&A completion to the A&A Task Lead and Program Manager (PM)
Ensure that A&A packages are submitted to IA and follow up to ensure IA approval of each phase prior to systems’ ATO expiration date
Analyze production system configuration change requests (CCR) of existing systems to determine security impact using the Security Impact Analysis (SIA) process and maintain security posture and authorization status
Support weekly or monthly meetings with Government Technical Monitors (GTMs) and developers
Schedule and facilitate boundary meetings, RMF Step 1 kick-off meetings, System Categorization meetings and RMF Steps 1-3 working groups
Gather required information to support system authorization by organizing technical working groups, conducting fact-finding interviews, attending system demos, assessing system security categorization levels, establishing the system security control baseline and acting as a security advisor to the GTMs during security controls implementation
Draft and maintain project schedules for assigned systems through the RMF process
Develop, update and maintain security application documentation such as the Security Categorization Form (SCF), E-Authentication Form (eRA) and System Security Plan (SSP)
Support development of security application documentation such as Information System Contingency Plan (ISCP) and Privacy Impact Assessment (PIA)
Complete data calls in a timely manner, including quarterly POA&M data calls
Review, monitor and report POA&M status to relevant parties including the PM, ISSS GTM, System GTM, system development team and system operations teams
Provide guidance to System GTMs and developers on the A&A process using the NIST Special Publication (SP) 800 series and the Department's Foreign Affairs Manual (FAM) guidelines
Assist and advise System GTMs and developers in the design and development of secure systems architecture and industry best practices for AIS security requirements
Attend Agile security scrum meetings with stakeholders and provide feedback
The company is committed to delivering innovative solutions to civilian and military partners. By leveraging industry standards and best practices, we strive to enhance our customers' knowledge and innovation through technology, collaboration, and education.