GENERAL DUTIES:

Responsibilities are full time on customer’s onsite and will cover classified programs and Special Access Programs (SAP). No Telework.Provide subject matter expertise and consulting on security related matters for enterprise information system and network architectures, access problems, and implementation of security policies and procedures.Assist in overseeing and managing day-to-day operation of SAP Information Systems.Optimize system operation and resource utilization and performs system capacity planning/analysis while maintaining the security posture.Assist team in Authorization and Accreditation (A&A) process using RMF across the design lifecycle for classified systems obtaining and maintaining Interim Authority to Operate (ATO), ATO and Authority to Connect (ATC).Create and process RMF authorization SAP packages from submission to approval/disapprovalDevelop and maintain IT security documents, including system security plans, risk assessments, Plan of Action and Milestones (POA&M), contingency plans, incident response plans, IT security policies and procedures.Provide recommendations regarding remediation and mitigation of identified vulnerabilities by developing plan of action and milestones (POA&Ms).Advise developers on integrating security requirementsDemonstrate a strong understanding of Networks, Cloud, and IT system security authorization procedures.      

REQUIRED QUALIFICATIONS:

Demonstrates strong experience with IC/DoD customer's Assessment and Authorization (A&A) process (e.g., RMF, NIST800-53, ICD503). Experience in developing and implementing DoD/DIA approved information security controls, procedures and documentation for the operation of standalone classified systems. A Bachelor’s Degree from an accredited institute in an area applicable to this position and eight (8) years of relevant experienceAn additional four (4) years of relevant experience may be substituted for the bachelor’s degreeMust presently be 8570 compliant (IAT Level 2 preferred); must be 8570 compliant (IAT Level 2)Experience with one or more commercial government cloud service provider’s system accreditation processesExperience with the XactaExperience as a Cybersecurity Control Assessor for SAP Experience with Ongoing Authorizations and Assessments  Experience with C2S Cloud, or DevOpsSec)

CLEARANCE:

TS/SCI with CI Polygraph minimum