Offer summary

Qualifications:

Experience with ICD 503/NIST 800-53 certification and accreditation processes., Knowledge of the Risk Management Framework and developing System Security Plans., Understanding of Public Key Infrastructure-based authentication and security policies within the IC., Ability to interpret security scan results and communicate technical information effectively..

Key responsibilities:

Develop and maintain System Security Plans (SSPs).

Support system accreditation and continuous monitoring activities.

Review audit logs and track security plans using task management systems.

Coordinate with system administrators and engineers to implement security policies.

Applied Integrated Technologies, Inc. (AIT) is dedicated to providing specialized services in the Cyber Security, Information Technology, Intel Analysis, and Linguist Services markets. By combining a strong background in systems engineering and IT solutions with experienced operational analysts and linguists, AIT is able to assist our customers by implementing creative and innovative solutions. We do this by utilizing the latest technological advancements and proven methodologies to support our customers’ specific mission requirements. Established in August 2001, AIT is a small business that develops large business solutions while maintaining an agile and responsive approach. Headquartered in the Baltimore/ DC Metropolitan Area, AIT is rapidly expanding throughout the United States and overseas, currently supporting customers in Maryland, Virginia, Texas, Georgia, Utah, Washington, Oregon and various overseas locations.

Job description

Job Details

Job Location: Maryland - Columbia, MD

Position Type: Full Time

Salary Range: Undisclosed

Job Category: Engineering

Description

The candidate will be responsible for security architecture and systems engineering supporting projects (primarily MFAMS, TITUS and JBlocks). The ISSO will provide guidance to the team to support system accreditation (IATT and ATO).

ISSO tasks include:

Develop and maintain System Security Plans (SSPs).
Work with ISSM and DAOs to ensure systems obtain and maintain accreditation.
Apply continuous monitoring techniques to evaluate the systems security posture
Create tasking for developers and system administrators as changes and patching are required.
Ensure security policies, practices, and procedures are implemented.
Track Plans of Actions and Milestones (POA&M)
Review Audit Logs
Perform Data transfers.

Qualifications

Experience with:
- The ICD 503/NIST 800-53 certification and accreditation process
- The Risk Management Framework
- Developing and maintaining SSPs
- IAVA review and handling
- Interpreting Security Scan results
- Interfacing with System Administrators and Software Engineers
- Task tracking systems (e.g. Jira, Redmine, ServiceNow)
Understands:
- Public Key Infrastructure-based authentication
- A variety of security policies, especially within the IC
- fundamentals of technical security risk assessment
- Understands how to perform analysis of alternatives
Able to clearly communicate ideas and status updates to management and other stakeholders.