Key Facts

Remote From:

Full time

English

Hard Skills

Security Administration Assessment And Authorization Risk Management Remediation Systems Infrastructure Security Cyber Security Digital File Management Risk Management Vulnerability Assessments Lifecycle Management Information Advice And Guidance Security Analysis Stakeholder Communications Internal Documentation

Other Skills

•
Communication
•
Detail Oriented
•
Prioritization
•
Report Writing

Georgia IT, Inc.

About Georgia IT, Inc.

Georgia IT, Inc. provides IT Consulting for a wide range of IT services and custom build turn-key enterprise solutions. GIT specializes in improving business scalability and efficiency through BSM and SBA Solutions. GIT transforms business with service management and service automation solutions. We are BMC & HP partners. GIT Services include custom built enterprise software and customer-centric web portals, network design and implementation, remote and site-to-site VPN, network and server security assessment and setup, server and desktop virtualization, and many others. GIT also provides IT Consulting in many areas such as Disaster Recovery Planning, Enterprise Data Backup Strategy, Long Term Strategic IT Planning and Augmentation Professional Services Solutions. Professional Services Specialties: Business Process Integration, Software Integration & Development, Web portal, Networking, Remote and site-to-site VPN, Virtualization Solutions, Product Development Please contact us Hrus@georgiait.com / uthay@georgiait.com/470-798-5000 x 1010 / (732) 890-2535 direct

Founded: 2018

Company size: 51 - 200

Website LinkedIn See all jobs →

Job description

Hi

Client: NIH
Role: Security Controls Assessor
Location: REMOTE

Job Description:
· FedSME is looking for a candidate to provide Security Assessment Services to NIH.
· Conduct cybersecurity assessment that will thoroughly review the current state of entire information technology, infrastructure and security to identify vulnerabilities in its systems, policies, controls and practices; and develop a prioritized road map of activities with a clearly defined set of actions to mitigate and remediate the risks identified.
· Support NIST Risk Management Framework (RMF) based Assessment and Authorization (A&A) activities.
· Monitor and prepare required actions and documents pertaining to the A&A of the system throughout its lifecycle, to include security evaluation findings and residual risks.
· Conduct comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the systems.
· Ensure required security authorization activities are completed and the results are documented. Review and process Interconnection Security Agreements (ISAs), Policy Waivers, Approval to Test (Telecommunication), and Interim Approval to Operate (IATO) documents.
· Assist the Government in preparing a written justification, when appropriate, to obtain a written waiver of policy for mandated security features. Provide guidance and support for all assigned Security Authorization activities, develop SAR's.
· Create the CSS Plan, including rules of engagement (ROE) for each major application, information system, or authorization.
· Document the results of the security control assessment, including recommendations for correcting any weaknesses or deficiencies in the controls, analyze findings, and develop risk mitigation techniques to address

Ready to apply?

APPLY

Share ·