SECRET CLEARANCE REQUIRED
The MCEITS Information Security Lead ensures that the program complies with the government's Information Assurance (IA) security requirements, including the evaluation and resolution of new Information Assurance Vulnerability Alerts (IAVAs), successful Certification and Accreditation (C&A) process compliance, and the completion of IA reporting requirements with strong knowledge of the Defense Information Assurance Certification and Accreditation Process (DIACAP). Lead the production support team to assess the impacts of each vulnerability as they are identified by the government, develop and implement a patching plan, and document all findings in formal monthly reports. Responsible to create program documentation detailing system security concepts, system security assessments, tailored security plans, and vulnerability assessments. Responsible to work with the government to support obtaining accreditation of the production system via certification testing of its respective elements, consisting of process support, analysis support, coordination support, security certification test support, and security documentation support.
Manages the security of information systems assets and the protection of systems from intentional or inadvertent access or destruction.
- Responsible for disseminating and ensuring implementation of IA policy, guidance, and training requirements.
- Provides Information Assurance Vulnerability Management (IAVM) and Information Assurance Vulnerability Alert (IAVA)dissemination and reporting, and ensures compliance procedures are followed.
- Verifies that all users who access the systems meet the requisite favorable security investigations, clearances, authorization, need-to-know, and security responsibilities before granting access to the IS.
- Ensures that all personnel who access systems receive system-specific and annual IA awareness training.
- Ensures that log files and audits are maintained and reviewed for the system and that authentication (for example, password) policies are audited for compliance.
- Works with Engineers and Tech Leads to prepare, distribute, and maintain plans, instructions, and SOPs concerning system security.
- Reviews and evaluates the effects on security of system changes, including interfaces with other ISs and ensure all changes have been documented through the CCB; and maintains a position on the CCB for all approvals to ensure security compliance.
- Ensures that system accreditation remains current and coordinates the development and support of C&A requirements so that re-accreditation can be accomplish as required.
- Ensures configuration management for IS software (including IS warning banners) and hardware is maintained for the system and that they are documented.
- Ensures that system recovery processes are monitored and that security features and procedures are properly restored.
- Audits and ensures that current software licenses and security related documentation is current and accessible to properly authorized individuals.
- Identifies, responds to, and reports security violations and incidents as encountered.
Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. CISSP, Security+ IAT Level II required. DoD/Marine Corps IA experience preferred.
8-10 years of related experience in data security administration, including supervisory experience.
||MCEITS Info Security Lead
||Kansas City, MO
Opportunity Employer M/F/D/V