Monitoring and enforcing compliance to the NCHS CIPSEAResearching and responding to security incidentsManage Authority to Operate (ATO) / SA&A activities utilizing TAFResponds to system security scan findings and facilitating the remediation of such findingsServe as the Branch SharePoint AdministratorProvides technical assistance and guidance to Division staff, peers, contractors and managers on a variety of Information Technology areas relevant to the applications and… Show more Monitoring and enforcing compliance to the NCHS CIPSEAResearching and responding to security incidentsManage Authority to Operate (ATO) / SA&A activities utilizing TAFResponds to system security scan findings and facilitating the remediation of such findingsServe as the Branch SharePoint AdministratorProvides technical assistance and guidance to Division staff, peers, contractors and managers on a variety of Information Technology areas relevant to the applications and data management.Reviews and provides feedback on contractor deliverable and submissions, including software packages for compliance with all security and privacy related policiesReviews and provides feedback on new Task Orders Show less

Collect and analyze process FISMA performance/metric dataPerform data validation of FISMA metricsDetermine the impact to the Cross-Agency Performance (CAP) goals and the Risk Management Assessment (RMA) ratingEnsure department meets compliance requirements for Binding Operational Directive 18-01Manage department vulnerability management dashboards

Remediate system vulnerabilities and remediate Plan of Action and Milestones (POA&Ms)Develop required security documentation for NBIB IT PMO systems and maintain Authority to Operate (ATO)Work with project teams to collect evidence and remediate findingsWork with Information Security Specialists to access system security posture and remediate vulnerabilitiesAnalyze the security risks and provide implementation of safeguards to minimize the risks to an acceptable level

Provide expert knowledge regarding information security regulations, requirements and best practices, the control framework structure, all information security controls, the security rationale for each, and the state of ongoing compliance. Reviews security requirements and provides guidance throughout the system engineering lifecycle (SELC). Works as an integrated project team member to scope projects to assist with cost estimation and facilitate the activities into the project schedule… Show more Provide expert knowledge regarding information security regulations, requirements and best practices, the control framework structure, all information security controls, the security rationale for each, and the state of ongoing compliance. Reviews security requirements and provides guidance throughout the system engineering lifecycle (SELC). Works as an integrated project team member to scope projects to assist with cost estimation and facilitate the activities into the project schedule, ensuring the proper budget allocation for those activities. Maintains expertise in federal laws, regulations, and policies in the discipline of IT systems security and analyzes impact. Administers Change Management procedures to ensure that information system changes are properly recorded.  Show less

Support the development of security programs, processes, policies, and procedures, Foster cyber security awareness, Ensure necessary data protection and security controls and implemented, Support VA 6500 Cyber Security policy and compliance requirements, Provides support by monitoring real-time security alerts; identifying and prioritizing potential threats., Leads security incident investigations, Completes and delivers complex security reports to management in business terms, Analyzes… Show more Support the development of security programs, processes, policies, and procedures, Foster cyber security awareness, Ensure necessary data protection and security controls and implemented, Support VA 6500 Cyber Security policy and compliance requirements, Provides support by monitoring real-time security alerts; identifying and prioritizing potential threats., Leads security incident investigations, Completes and delivers complex security reports to management in business terms, Analyzes available data sources, security tools and threat trends and leads security monitoring and analysis techniques to identify attacks against the enterprise, Creates correlations and other logic to identify attackers and defend the network against advanced attacks. Show less

Conduct IT Security activities for DoJ/AFMS program, Perform annual Incident Response and IT Contingency Plan testing, Conduct annual OMB A-123 and DoJ Core Control testing, Update and maintain all IT Security packages utilizing CSAM tool, Maintain, review and develop AFMS program security policies and SOP’s, Perform POA&M development, monitoring, compliance and oversight for AFMS information systems, Perform Security Authorization activities for General Support System and Major Applications

Implement data security controls and conduct Security Test and Evaluation (ST&E) for multiple federal information systems in accordance with NIST 800-53A requirements for Centers for Medicare and Medicaid Services. Conduct vulnerability scans utilizing Nessus to include FDCC requirements for federal information systems. Prepare C&A Packages according to NIST standard, to include developing System Security Plans (SSP), Contingency Plans and Security Assessment Reports (SAR). Participate in… Show more Implement data security controls and conduct Security Test and Evaluation (ST&E) for multiple federal information systems in accordance with NIST 800-53A requirements for Centers for Medicare and Medicaid Services. Conduct vulnerability scans utilizing Nessus to include FDCC requirements for federal information systems. Prepare C&A Packages according to NIST standard, to include developing System Security Plans (SSP), Contingency Plans and Security Assessment Reports (SAR). Participate in defining and implementing overall security strategy, policies, and procedures. Conduct FISMA self-assessments, technical and firewall assessments (vulnerability analysis, penetration testing), and risk assessments. Provide SCAP support for applications, systems and networks. Create and manage POA&Ms related to assigned information systemsInteract with all levels of management, including the System Owners, Chief Information Security Officer (CISO) and Authorizing Official (AO) as needed, to ensure that appropriate security measures are implemented. Perform monthly vulnerability assessment scans of assigned systems utilizing Nessus and similar tools, as appropriate to ensure that weaknesses are identified and mitigated in the shortest time possible. Creation and/or maintenance of the System Security Plan for each assigned system, which contain all of the required security controls and describe compliance with federal IT Security policies. Show less

Provide security architecture, policy and design guidance for business systems and networks. Provide Information Security Certification and Accreditation support for applications, systems and networks in accordance with Federal Aviation Administration policies and processes. Perform C&A Self Assessment activities to meet FAA Flight Plan objectives.

Performing ISSO functions for the HR systems in regards to Certification and Accreditation efforts for SF system. This effort is an important task for obtaing a Authority To Operate approval from the Designated Aproval Authority for Department of Homeland Seccurity (DHS). Daily duties consist of interviews, documentation development and delivery of SF C&A aritfacts for ATO. Following Information Assurance (IA) documents developed are: Risk Assesstment, System Security Plan, Contigency… Show more Performing ISSO functions for the HR systems in regards to Certification and Accreditation efforts for SF system. This effort is an important task for obtaing a Authority To Operate approval from the Designated Aproval Authority for Department of Homeland Seccurity (DHS). Daily duties consist of interviews, documentation development and delivery of SF C&A aritfacts for ATO. Following Information Assurance (IA) documents developed are: Risk Assesstment, System Security Plan, Contigency Plan, E-Authentication, Privicy Information Analysis, ST&E along with System Operation Procedures. Show less

Provide technical guidance for the application of INFOSEC principles to the operational areas of Computer-Network Defend (CND), Computer-Network-Attack (CNA) and overall information assurance (IA) Policy. Ability to operate vulnerability assessment equipment in support of penetration analyses. Provide Tier 1 support to the Department of Defense to assist with the implementation of DITSCAP Activities. Provides first level of customer contact for the IASE Information Desk. and provide a full… Show more Provide technical guidance for the application of INFOSEC principles to the operational areas of Computer-Network Defend (CND), Computer-Network-Attack (CNA) and overall information assurance (IA) Policy. Ability to operate vulnerability assessment equipment in support of penetration analyses. Provide Tier 1 support to the Department of Defense to assist with the implementation of DITSCAP Activities. Provides first level of customer contact for the IASE Information Desk. and provide a full range of IA and INFOSEC support via the DISA operating environments. Knowledge and experience with information network security equipment. Understanding of information network threats such as computer viruses. Show less

Provide technical guidance for the application of INFOSEC principles to the operational areas of Computer-Network Defend (CND), Computer-Network-Attack (CNA) and overall information assurance (IA) Policy. Ability to operate vulnerability assessment equipment in support of penetration analyses. Provide Tier 1 support to the Department of Defense to assist with the implementation of DITSCAP Activities. Provides first level of customer contact for the IASE Information Desk.

Integral member of staff accountable for preparing and presenting briefings to DISA Engineering staff and remote commands for implementation approval. Provide project support to the ISSM for the NIPRNet, SIPRNet and IP Core Backbone infrastructure. Provide technical advice to the ISSM for presentation to OSD GIG Waiver and DSAWG Panels. Assist in for security certification and accreditation based efforts for all Unclassified/Classified Internet Protocol (IP) Defense Information Systems… Show more Integral member of staff accountable for preparing and presenting briefings to DISA Engineering staff and remote commands for implementation approval. Provide project support to the ISSM for the NIPRNet, SIPRNet and IP Core Backbone infrastructure. Provide technical advice to the ISSM for presentation to OSD GIG Waiver and DSAWG Panels. Assist in for security certification and accreditation based efforts for all Unclassified/Classified Internet Protocol (IP) Defense Information Systems Networks (DISN). Responsible for initiating, implementing and maintaining DITSCAP standards and processes for the NIPRNet, SIPRNet and IP Core DOD Backbone infrastructures. Provide technical support in Systems and Telecommunications Engineering. Experience in Network Systems and Topologies - exemplifies dynamic technical qualities that produce quality service and complete customer satisfaction. Assist in review of DoD networks to ensure components are in compliance with DITSCAP. Show less

Experienced in installing, operating, configuring and maintaining various networking systems and associated equipment Trained in DoD directives regarding information assurance. Member of the help desk group that provides registration and information services for the Defense Information System Network (DISN) Unclassified but Sensitive Network (SIPRnet/NIPRnet). Experience with Internet/Intranet Web server maintenance