FISMA/C&A Specialist

Job Description

Company: RONIN Information Technology Services, LLC

Location: Leesburg, US

The FISMA/C&A Specialist supports the Chief Information Security Office (CISO) in providing oversight through the NIST Certification and Accreditation (C&A) of Human Resources, Law Enforcement,

Finance or Regulatory Affairs systems. Supports the CISO in developing and maintaining the agency-wide information assurance program, its information security policies, procedures and control techniques as directed under FISMA.

The FISMA/C&A Specialist manages and executes the complete security project lifestyle review and testing of the SP800-53. The work break down is to support; policy management, and training and awareness. The individual will review detailed descriptions of the controls, provide edits and feedback on their actionable quality, and based on the descriptions perform tests to prove the validity of these assertions through interviews, examining of evidence and either overseeing or directly running technical scanning tools against targeted systems. Must set performance to MS Project plans.

Experience

• 4 years working in a IT environment, preferably within the Federal Government
• 2 Years experience in Information Assurance / Certification and Assurance environment
• 2 Years experience in FISMA, NIST, Circular 800-53, and OMB
• Experience in conducting security assessments
• Knowledge of FISMA process and tools (Cyber Security Assessment and Management – CSAM) – Preferred
• Excellent proficiency in Microsoft Office Suite (Word, Excel, Project, PowerPoint, Access)
• Experience as a technical writer/publisher (Desired)

Skills/Personal Qualities

• Excellent oral and written communication skills
• Ability to work in a fast-paced, dynamic environment
• Ability to interface with all levels of management
• Excellent time management, scheduling, and organizational skills
• Ability to work well independently or in a team setting
• Ability to shift focus according to sometimes rapidly changing work load requirements
• Excellent people skills, and passion for solving problems
• Excellent attention to detail.

Clearance: Must be able to maintain and obtain a clearance, Secret or above

Federal Information Security Management Act – FISMA, Microsoft Office, National Institute of Standards and Technology – NIST, OMB 300

Policy and Program Specialist – Provides program, policy and procedural support on behalf of the Chief Information Security Office (CISO) of the Client and affiliates. This individual will help influence the outcome and effectiveness of the agencies overall IT infrastructure. Responsible for maintaining liaison with the Client’s Information Technology System Security division. Will be responsible for analyzing and summarizing in writing and orally the clients and federal directives, mandates and guidance as they apply within the Agency and the Information Systems Division. Responsible for maintaining a well organized repository of up to date information related to policy and procedures which include bulletins, memos, newsletters, procedures, handbooks, and policy correspondence. Works with the CISO’s sections and ISD branches to integrate insights into actionable behaviors and auditable artifacts.

Responsible for executing and performing internal processes which includes the contractors new-hire process, the CISO change process, the weekly activity reports, the organizational administration of the CSAM C&A tool, and the communications process with the Service Delivery Brach and the Service Management Branch. Produces appropriate artifacts for agency wide policy, support, audit and deployment. Institutionalizing CISO internal processes, involving process analysis, definition, documentation and communication. Responsible for updating and authoring IA policy and providing written responses to informational requests regarding policy interpretation and application. Leads documents, tracks and improves the existing and ongoing security waiver, contingency planning, training and awareness programs, and internal meeting minutes.

Qualifications/Experience

• 3-5 years experience in a IT environment, preferably within the Federal Government
• 3 years experience in information security (IS) including: knowledge of FISMA and associated Federal regulations/guidance
• Experience with Federal C&A process; OMB; familiarity with NIST 800 series documents
• Experience working with scorecards, artifacts, mandates, policies and guidance
• Experiences in the following standards such as ISSO 9000, CMMI and ITIL  Proficiency in Microsoft Office Suite (Word, Excel, Project, PowerPoint, Access) Skills/Personal Qualities:
• Must have excellent written, organizational and interpersonal skills that meet a complex and demanding environment
• Must be analytical, process and results oriented with a background in IT support and knowledge of information security
• Ability to work in a fast-paced, dynamic environment
• Ability to interface with all levels of management
• Ability to work well independently or in a team setting

Clearance: Must be able to obtain and maintain a clearance, Secret or higher preferred Education, Degrees, Certifications:

Bachelor’s degree in Computer Science, Information Systems, Engineering, or equivalent technical experience

PMP and/or CISSP Certifications (Desired)

Microsoft Office, National Institute of Standards and Technology – NIST, OMB 300

Job Type: Full Time

Source: LinkedIn