Job Responsibilities/Duties:
• Develop, consult on, and implement controls and documentation for the security of the system. This includes: outlining system operating environment, overall mission, physical diagrams, hardware and software inventories, configuration management, type of data processed, user organizations, security classifications, operating modes, interconnections to other systems/networks, security personnel, and other associated responsibilities.
• Oversee, develop, improve and maintain the overall security posture of the system. This includes: Information System Security Plans, Risk Ratings, Contingency Plans, Security Assessments, Contingency Plan Tests and other associated documentation.
• Participate in the development or revision of security controls of the system and local operating procedures that are based upon regulatory, policy and industry requirements.
• Act as a consultant to system owners for the security of the system and system documentation, for example security incident reports, equipment/software inventories, operating instructions, technical vulnerability reports, and contingency plans.
• Provide expertise in classified and unclassified ratings to customers.
• Work closely with technical teams for successful Certification & Accreditation of the system that leads to ATO.
• Attend ISSO training courses and sessions as required.
• Interpret monthly vulnerability scan results of assigned systems.
Senior Level IT Security Certifications (CCDP, CCNP Security, CISSP, CISM, etc.)
Education/Equivalent Training Required: Bachelor’s Degree or equivalent experience will be evaluated
Unique/Additional /Experience (Position Specifics):
Expert knowledge of FISMA and NIST Special Publications
Experience implementing, assessing and managing security controls for federal IT systems
Expert knowledge of IT security best practices
Expert knowledge of current IT security threats
Broad knowledge of IT technologies and operations
Ability to develop good working relationships with customers, colleagues and other stakeholders.
Excellent verbal and written communication skills
Ability to handle and prioritize multiple simultaneous systems, projects and other assignments.
Experience leading information security teams
Knowledge of HIPAA, FedRAMP, PCI, ISO and other standards
Location(s): District of Columbia (Metro Area)
Department: IT Security
Keywords: Certification and Accreditation, C&A, A&A, SA&A, FISMA, compliance, information assurance, ISSO, AISO, ISO, IASO and ISSM
Comments: US Citizen, US Government Suitability Determination and DoE Q Security Clearance is a Plus
Job Title: Security Engineer/Architect (50% Remote)
Location: Greenwood Village, CO
Duration: 12+ Months Contract (Very High possibility of Extension/Conversion)
KP’s Cyber Security team is looking to expand, mature, and execute the Enterprise Technology Security Hardening Service. The goal of the Security Hardening Service is to develop security-hardening standards for platforms, applications, networks and protocols. These hardening standards serve as the gold image requiring compliance for all implementations of a particular technology or protocol. The hardening standards take into account the entire lifecycle of a technology or protocol, and include hardening requirements and/or security recommendations for each phase in the lifecycle from a people, process and technology perspective. These baselines are produced and maintained for applications, networks, and platforms to ensure consistent implementation of technical security controls across KP’s technology landscape.
This position is focused on providing expert-level security guidance for producing and maintaining security certifications for KP’s IT landscape based on identification and analysis of security control gaps, industry security best practices, regulatory guidance, and KP’s IS Policies. The position will also involve building a security strategy for the service to ensure the service is extensible to accommodate the changing IT landscape for the near-term future (e.g. cloud, mobile, big data, etc.).
Top 3-5 Daily Responsibilities:
Top 3-5 Required Skills:
If you are qualified, available, interested and planning to make a change, or know of a friend who might have the required qualifications and interest, you can contact me on desk: 415-915-1164 even if we have spoken recently about a different position. If you do respond via e-mail, please include the best time to call and phone number so I can reach you.
Anuj S. Verma
Executive – Resourcing
Pyramid Consulting, Inc.