Information Systems Security Specialist​/Officer

Information Systems Security Specialist/Officer page is loaded## Information Systems Security Specialist/Officer locations:
STSY
10 - VA - Quantico FBI Laboratorytime type:
Full time posted on:
Posted Todayjob requisition :
JR108477

Strait Sys Inc Regular
** PRIMARY FUNCTION
** Strait Sys is seeking an Information Systems Security Specialist/Officer to support the FBI in Quantico, Virginia. In this role, you will evaluate, advise, and support the documentation, validation, and accreditation processes necessary to ensure new and existing information technology (IT) systems meet the organization’s information assurance (IA) and security requirements. Your work will ensure appropriate treatment of risk, compliance, and monitoring assurance from internal and external perspectives.
** ESSENTIAL FUNCTIONS*
* • Primary representative for cybersecurity matters, including Science and Technology Branch (STB) reporting requirements, data calls, Office of the Chief Information Officer (OCIO) requirements, as well as legal and compliance matters relating to IT security.

• Identifies gaps, strategic impacts, financial impacts, and the risk profile in the IT security landscape and provides support and recommendations.

• Understands cybersecurity risk management and Authorization to Operation requirements, including legal aspects such as executive order 14028. Understands multifactor authentication, encryption, zero trust, and other aspects of legal requirement and DOJ/FBI recommendation or requirement.

• Performs a variety of information security/cybersecurity tasks and activities that are broad in nature and are concerned with LD systems and assets.

• Provide leadership in infrastructure migration methodologies and techniques including mass application movements into the cloud including:

• Design, implementation, and support of cybersecurity artifacts.

• Mentor existing staff on IT and cybersecurity best practices and technology.

• Actively participate in IT and security meetings   
• Manage the ATO process for LD systems and assets, including control implementation and documentation.

• Inform LD cybersecurity strategy.

• Conducts testing and audit log reviews to evaluate the effectiveness of current security measures. Directs and implements the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure, or destruction.

• Monitors security of electronic data, applications system usage, networks, and physical environment.

• Provides guidance and direction for the physical and virtual protection of information systems assets to other functional units.

• Supports all aspects of a Program Information Assurance (IA) processes tailored to include minimum qualification standards, fundamental awareness and familiarity to demonstrated competency with specific experience in Cyber Security, Engineering, Test & Evaluation, (T&E) and/or Security Control Assessor (SCA) under a Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) process. The specialist should demonstrate a working knowledge of the Risk Management Framework (RMF) process and/or include prior experience with the Defense Information Assurance & Certification Accreditation Process (DIACAP).

• The specialist is expected to evaluate security solutions to ensure they meet security requirements for processing up to classified information and supervise and/or maintain the operational security posture for an information system or program.

• More senior specialists may assist or develop system security policy and ensure compliance of change management and configuration control processes. Plan and coordinate the IT security program and policies supporting the command leadership mission and goals.
*
* SUPERVISORY RESPONSIBILITIES:

No
**** KNOWLEDGE, SKILLS, & ABILITIES  Required*
* • Extensive knowledge and experience with the NIST Risk Management Framework and federal Government accreditation processes.

• Skilled in providing technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation.

• Proven success in…