![]() ![]() Conduct FISMA annual reviews of all IS’s and networks to ensure no security changes have been made to invalidate the A&A.Manage IASO’s/ISSO’s, as required, to establish the scope of responsibilities and the technical and security training requirements.Conduct security inspections, assessments, tests, and reviews.Report security violations and incidents to the servicing RCERT in accordance with prescribed Incident and Intrusion Reporting procedures.Enforce IAVM dissemination, reporting, compliance, and verification procedures as described in CJCSM 6510.01 and related guidance.Develop and enforce a formal IA/Cs security and training program.This position will work hand-in-hand with the customer team as well as external teammates across all program security functions. The ISSE will support security authorization activities in compliance with DoD Risk Management Framework (RMF), the National Institute of Standards and Technology (NIST) Risk Management process. The successful candidate will be responsible for implementing and/or managing the following Principles of IA (confidentiality, integrity, non-repudiation, availability, and access control). ![]() Certification and accreditation process.Intrusion detection contingency planning.Identification, authentication, and authorization.Commercial off-the-shelf and government off-the-shelf cryptography.The ISSE will apply system security engineering expertise in one or more of the following: They will reviews assessment and accreditation (A&A) documentation and provide feedback on completeness and compliance of its content. The ISSE will assess and mitigate system security threats/risks throughout the program life cycle, and contribute to the security planning, assessment, risk analysis, risk management, certification, and awareness activities for system and networking operations. They will support the building of security architectures and enforce the design and implementation of trusted relations among external systems and architectures. They will assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions. The ISSE will build IA into systems deployed to operational environments. These will include those for networking, computing, and enclave environments, those with multiple enclaves, and those with differing data protection/classification requirements. They will design, develop, implement, and/or integrate IA and security systems and system components. The ISSE will validate and verify system security requirements definitions and analyses and establish system security designs. The assessments will be used to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. ![]() CALIBRE Systems Inc., an employee-owned Management Consulting and Digital Transformation company, seeks an Information Systems Security Engineer (ISSE) to perform and/or review the technical security assessments of computing environments. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |