Address
Form of workThis position is contingent upon award.
JOB SUMMARY: Provide guidance assistance to all levels of C&A technical and non-technical personnel. Put C&A packages together and submit them to the proper agency. Track and report the status to the customer. Document existing and proposed information architecture to convey compliance, problems, and solutions. Resolve incidents and breaches, mitigating problems, and informing key personnel. Analyze networks to identify vulnerabilities and reduce breaches. Develop and implement scanning and certification plans for network control and maintenance. Assist the Government in performing threat assessments to determine if potential threats to a system/network exist and the likelihood of that threat actually occurring to the system. Assist in ensuring that IA and IA-enabled software, hardware, and firmware comply with appropriate security configuration guidelines. Assist in executing all security tests and evaluations and support the creation of comprehensive threat and risk assessment reports.
REQUIREMENTS:
- Should have knowledge in DISA Accreditation process including System Categorization, Security Controls Implementation and Assessment.
- Knowledge of governing policies CNSSI 1253, DoD 8500.01, DoD 8510.01, DoDI 8510.01, NIST SP 800-37 and NIST SP 800-37r.
- Certified on RMF accreditation process, RMF Control assessment, and use of enterprise Mission Assurfance Support Service (eMASS) application.
PRIMARY DUTIES:
Oversee the overall security, integrity and operations of TETSS systems and networks IAW DISA Accreditation process including System Categorization, Security Controls Implementation and Assessment. A Security Lifecycle Approach, NIST SP 800-53 Recommended Security Controls for Federal Information Systems and Organizations, CJCSM 6510.01IA Chairman of the Joint Chiefs of Staff Manual, 6212.01E Interoperability and Supportability of Information Technology and National Security Systems, DoD 5220.22-M National Industrial Security Program Operating Manual (NISPOM), DoDI 8551.1 Ports, Protocols and Services Management (PPSM), Federal Information Security Management Act (FISMA), AR 380-5 Department of The Army Information Security Program, and AR 25-2, Information Assurance.
- Collect and maintain data needed to meet Cybersecurity reporting requirements.
- Ensure Security Technical Implementation Guide (STIG) configuration, patching, scanning and testing of systems.
- Develop/review Communication System Requirement Document (CSRD) technical solutions to provide network, computer system, financial, installation, outside agency coordination, information assurance and customer assistance.
- Develop/find technical solutions and work plans that are consistent with architectural and information system security guidelines.
- Support the Government in the development of assessment and authorization (A&A) packages via the RMF, IAW Army Policy Directive AR 380-5 Department of the Army Information Security Program and AR 25-2, Information Assurance, DoD Directive 8500.1, DoD Instruction 8500.2, DoD Instruction 8510.01, Intelligence Community Directive (ICD) 502, ICD 503, NIST SP 800-53, and AFI 33-210 Air Force Certification and Accreditation (C&A) Program and supports TETSS customers/users with their specific network and stand-alone system accreditations to include maintaining and updating Trusted Facility Manuals, system descriptions, security policies, user guides, system architectures and security-related documentation.
- Prepare and present training tailored for initial and periodic Information Awareness (IA) Training, System Administrator Technical Awareness, and executive level IA.
- Provide information to support System Administrators, Network Managers, users, procurement staff and security personnel and monitor, implement and report on all security/configuration patches/changes (i.e., IAVA and security/vulnerability advisories).
- Perform a weekly review of the audit trail for TETSS systems IAW Army Policy Directives AR 380-5 and AR 25-2, DoD Instruction 8500.2, ICS 500-27, and ICS 700-02.
- Conduct vulnerability testing and risk analysis as part of the overall assessment process on all networks and systems as determined by the Government.
RELEVANT EXPERIENCE: 5 years' experience in information system security development and management.
EDUCATION/CERTIFICATION: Bachelor's degree in IT, Computer Science, or Engineering. IAT Level 2 Certification preferred.
SECURITY CLEARANCE: TS/SCI
ABOUT US: At MCSG Technologies, we believe the path to success begins by empowering our employees to do what is best for our customers. This helps create value for our customers and business partners through efficiencies and cost-effective relationships that are built on trust, while delivering on-time and within budget. Our company ethos is simple Empowered to serve our customers, our communities, our colleagues.
BENEFITS OFFERED: Medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, EAP, parental leave, paid time off, holidays and more. Learn more about MCSG Technologies benefits: https://www.mcsgtech.com/benefits/.
COLORADO'S EQUAL PAY ACT: In compliance with Colorado's Equal Pay for Equal Work Act, MCSG Technologies considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, and key skills.
EOE STATEMENT: We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, disability status, protected veteran status or any other characteristic protected by law.
EXECUTIVE ORDER 14042 ENSURING ADEQUATE COVID-10 SAFETY PROTOCOLS: The United States government may require that all employees, plus all contract employees performing services on behalf of the federal government, be fully vaccinated against COVID-19. In accordance with EO 14042, MCSG Technologies may require that all employees with MCSG Technologies be fully vaccinated against COVID-19.
