Security Authorization (C&A) Lead – Department Of Labor/Office Of The Solicitor (Sol)
Columbia, Md, Us
• Developed and updated the information systems security documentation templates (e.g. System Boundary development, System Security Plan (SSP), Contingency Plan, Contingency Plan Test, Business Impact Analysis, FIPS-199, eAuthentication, Privacy Threshold Analysis, etc.) based on changing NIST and federal guidance.• Trained and assisted System Owners, ISSOs and other Stakeholders in understanding documentation requirements. Review completed templates to ensure completeness and accuracy.• Collaborated with security engineers and architects to ensure all controls are met through the design and build process• Developed NIST / FISMA SA&A documentation for the SOL Matter Management System and validated the quality of deliverables produced by the team.• Assessed risks, identified mitigation requirements and developed accreditation recommendations; responsible for tracking SA&A requirements for the SOL MMS and validated that tasks were on schedule, and ensured the delivery of quality documentation.• Assisted in the creation of the SA&A package with the responsibility for gathering information from the ISSO and system owner staffs, applying data to the appropriate templates, and attending meetings in support of the effort• Recommended, support and maintain a security document management solution for a Security Assessment and Authorization program to include FIPS 199, Privacy Impact Analysis, System Security Plans, Security Assessment Plan, Security Assessment Report, Contingency Plan Table Top Test Report, Plan of Action and Milestones (POA&M) management, Risk Assessment and Waiver management documentation and other supporting documents as required for system accreditation's.• Oversaw the coordination of IT Business Continuity and Disaster Recovery planning to ensure the SOL MMS could respond to a disaster so that critical business functions can be resumed within a defined time frame and data loss is minimized