SRA International, Inc., A CSRA Company Information Security Engineer Office (ISSO) - Active Top Secret in Chantilly, Virginia
Clearance Level Must Currently Possess:
Top Secret w/SCI eligibility
Clearance Level Must Be Able to Obtain:
Top Secret SSBI (Single Scope Background Investigation)
No Suitability Required
Team Overview: As a key participant within a cohesive Information Assurance (IA) and security engineering team, you will share responsibilities for conducting STIG- and FISMA-compliant System Assessments and Authorization (SA&A) and maintaining continuous Approval To Operate (ATO) for customer-built and maintained applications supporting missions worldwide. Direct responsibilities will be based on your greatest strengths and interests. Our team culture also promotes individual mentorship and cyber security career path growth in the latest information system technologies. Our team constantly seeks to provide smart and effective solutions backed by efficient, team-built system architectures and team-documented and tested processes and procedures.
Work is located in Chantilly, VA with work schedules somewhat flexible to accommodate family and commuting.
Active Top Secret clearance and ability to take a CI polygraph examination are required. CISSP certification is also required.
Perform Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation
Prepare Vulnerability Scanning test plans, coordinate testing, and conduct scans using Nessus, Foundstone, WebInspect, Hailstorm and other scan applications
Analyze vulnerability scan results for validation and root cause
Perform security system event analysis, investigation, and validation
Provide incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issues
Participate in Lifecycle Management (LCM) Technical Change Control Boards (TCCB) providing technical guidance for security control compliance
Perform Security Technical Implementation Guide (STIG) and Federal Information Security Management Act (FISMA) assessments and annual reporting
Perform Security control assessments as part of Continuous Monitoring NIST SP 800-53 V4 compliance sustainment for application, infrastructure, and network
Task, track and mitigate Plan of Action & Milestones (POA&M) vulnerability scan and security assessment findings requiring mitigation.
Privileged User Account Management and Role Based Access assignment
Privacy Threshold Assessment (PTA) and Privacy Impact Assessment (PIA) as part of Personally Identifiable Information (PII) Management
Maintain Change Management Plans (CMP), Incident Response Plans (IRP), Information System Contingency Plans (ISCP), and System Security Plans (SSP)
Prepare and conduct training, exercises, and functional testing of IRP and ISCP
Ideal Candidate: Candidates who are highly motivated, passionate in their IT security tradecraft, and looking to make a positive difference every day are best suited for this position. Candidates should possess a general level of understanding and basic level of experience across all team roles and responsibilities with a concentration of significant experience in at least 2-3 skill sets below.
Preferred Skill Sets:
BS degree in Computer Science or Information Technology (5 years’ experience without degree)
3-5 years system and application Certification & Accreditation (C&A), System Assessment & Authorization (SA&A), and/or Independent Validation and Verification (IV&V)
2-5 years security system monitoring, syslog and traffic analysis, and incident response
2-3 years developing and maintaining standard operating procedures and work instructions
2-3 years fulfilling Information System Security Representative (ISSR) role
2-3 years fulfilling Windows and/or Unix administrator role or support
DESIRED QUALIFICATIONS: BS or equivalent + 9 yrs related experience, or MS + 7 yrs related experience
Telecommuting Options:
Telecommuting Not Allowed
USA VA Chantilly - 14360 Newbrook Dr (VAC291)
CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
THINK NEXT. NOW.
CSRA is tomorrow’s thinking, today. To “Think Next. Now.” is to imagine a better future and to deliver it, today. For our customers, our partners, and ultimately, all the people our mission touches, CSRA is realizing the promise of technology to change the world through next-generation thinking and meaningful results.
We understand that our customers' missions require new methods and imaginative thinking. We bring together government IT professionals, emerging technologies, and the brightest, cutting-edge advisors in the industry to deliver a broad range of innovative, next-generation IT solutions and professional services to help our customers modernize their legacy systems, protect their networks and assets, and improve the effectiveness and efficiency of mission-critical functions for our warfighters and our citizens.
Everywhere you look, CSRA is there. We’re in our nation’s infrastructure, in training and education, in cyber security, in serving veterans who served us—and, so much more. Take some time to learn more about CSRA. You might be surprised to learn how we touch your life.
We are a company of 18,000+ smart, talented individuals, yet we enjoy a start-up culture that inspires us to make a difference while delivering results in this rapidly evolving world. Join our team and use your skills and expertise to support the safety, security, health and well-being of the nation.