Posted by: KeyW on Jun 10, 2019
• Develop system security documentation in support of authorization and continuous monitoring under the DoD Risk Management Framework (RMF)
• Coordinate with DAOs Data Owners, SAs and devs for Security relevant changes to SSPs
• Monitor/maintain SSPs for hardware and software changes
• Participate in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access
• Ensures systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the System Security Plan
• Ensures that all system users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before granting access
• Research and report on CSIRs
• Review audit events for information systems and address events/incidents that occur with stakeholders.
• Ensures all information system security-related documentation is current and accessible to properly authorized individuals
• Maintains records, outlining required patches/system upgrades that have been accomplished throughout the information system's life cycle
• Update Biscotti by coordinating with SAs and reporting IAVA status
• Create and maintain Plan of Action and Milestones (POAM) as required
• Ensures that all systems/network are compliant and in scope of current accreditation
• Coordinate Nessus or CyborgBunny scans as required
• Evaluates proposed changes or additions to the information system, and advises the Information Systems Security Manager (ISSM) of their security relevance
• Participate in internal / external security audits/inspections
• Directs program system administrators on security matters
• Thorough understanding of the RMF process (Risk Management Framework)
• Highly Experienced with XACTA, LatteArt, Biscotti & SEAR
• Working knowledge of DoDI 8500.2 "Information Assurance."
• Thorough understanding of NIST 800-53, NIST 800-37, DCID 6/3, and the NISPOM
• Experienced with government accreditation requirements under DITSCAP and DIACAP.
• Familiar with Nessus or CyborgBunny.
• Experience in evaluating, testing, certification and accreditation of classified and sensitive but unclassified information systems.
• Experienced with analysis and evaluation of hardware and software in support of the Intelligence Community (IC).
• Able to apply current computer security technologies and IA requirements to maintain system security posture.
• Responsible for maintaining and enforcing approved security policies, standards and guidelines
Minimum of 5 years of experience required
This position requires a Top Secret/SCI security clearance, based on current background investigation (SBI), as well as the favorable completion of polygraph. Clearance and polygraph processing will be completed by the U.S. Government.
KeyW EEO Statement
KeyW, together with its direct and indirect subsidiaries, encourages and actively supports a policy of Equal Employment Opportunity and commits to provide equal opportunity to each individual, regardless of race, color, religion, gender, sexual orientation, age, national origin or ancestry, marital status, veteran status, disability or any other classifications protected by Federal, State or local law. In fact, we foster an environment that promotes diversity, balance and fun-because we believe in the importance of having a workplace as unique as the challenges we solve.
About the Organization
KeyW is a pure-play national security solutions provider for the Intelligence, Cyber and Counterterrorism Communities' toughest challenges. We support the collection, processing, analysis and dissemination of information across the full spectrum of their missions. We employ and challenge more than 2,000 of the most talented professionals in the industry with solving such complex problems as preventing cyber threats, transforming data into intelligence and combating global terrorism.
HR. Website URL: