Location:
Washington, DC
Job Description:
- Optimize security for the systems with the designated system boundaries
- Provide support to help the FISMA POC ensure that the customer’s requirements for IT security are being met
- Update System Security Plans and document evidence of NIST SP 800-53 Rev 3/4 internal controls for security
- Provide support and assistance to optimize the Configuration Management for Systems based on Published Baselines
- Provide support for configuration management compliance reviews and patch management updates and status reporting
- Review and remediate any critical/high-impact vulnerability scan results
- Develop contingency/disaster recovery plans
- Update System Test Plans and Evaluations (ST&E) for Annual Control Testing
- Ensure that requests for FISMA Assessment and Authorizations are completed
- Document security weaknesses in Plans of Action and Milestones (POAMs)
Job Requirements:
- Experience using BURP or Nessus and OWASP web application scanner
- 2 years of C&A/ST&E experience
- Knowledge of NIST IA policies
- Experience with RETINA, DISA Gold Disk, DISA STIGs, and Security Readiness Review scripts
- BS degree in Computer Science, Information Systems, Engineering or related field preferred
- Security+, CISSP is highly desirable but not required
- US Citizenship is required