SMS is a fast growing, veteran-owned business that's has supported Federal Government's IT initiatives for over four decades. We work side-by-side with our Federal clients as a trusted, long-term partner to offer innovative advice and leadership to solve their most pressing and complex problems. We orchestrate people, strategies, technologies and best-of-breed business processes. The SMS advantage in management and technology consulting includes deep domain expertise in complex networking design and unifying communities of interest.
We have strong capabilities in design & build, planning, governance, quality management, security, analytics, virtualization, operations and business process improvement. For 40 years, SMS has brought customer satisfaction to Federal clients and formed lasting alliances with leading technology companies and talented small businesses to deliver joint, leading-edge, cost-effective services and products.
Submit your resume today!
In this role, you will apply your understanding of computer security, military system specifications, and Department of Defense Information Assurance (DoD) (IA) policies, in the execution of all aspects of the systems and their Cybersecurity posture. You would be responsible for DoD Information Assurance Risk Management Framework (DIARMF), and the implementation of Cyber Security and IA boundary defense techniques, various IA-enabled network technologies and appliances to facilitate certification and security engineering tasks in support of the customer.
You will partner with IT Security Analysts and Enterprise Architects to establish, understand, and adhere to technical and IT security standards. Involved in all aspects of the technology life-cycle to ensure that non-functional and functional requirements are adhered to in design and build so solutions are stable, secure, resilient, and perform well.
As the Mid-level Assessment and Authorization support, this position will be responsible to plan, develop, and execute automated and manual tests to validate security posture/controls in accordance with DOD 8500.2/8510.01. This position will work directly with teams that support DoD Information Assurance Certification and Accreditation (DIACAP) and Risk Management Framework (RMF). The candidate will analyze current documents, and provide detailed reports. The candidate will assist the government with input, instructions, and guidance as needed for the creation of adequate package documentation and artifacts. The candidate will review test plans and procedures to ensure the test plan addresses the correct level of effort and is sufficiently comprehensive to validate all IA requirements applicable to the IT system or site being assessed and accredited. The candidate shall evaluate IA discrepancies and recommend mitigation measures for reducing or eliminating specific risk items. The candidate may also be tasked to engage the JSP CA Liaisons, SCA Reviewers, and ISSMs to discuss and obtain mitigation guidance. Further, the candidate will author DoD IA Assessment and Authorization artifacts, document a system from an IA perspective using Microsoft Office including MS Visio, MS Word, MS Excel and other appropriate tools. A minimum of 5 years of experience in analyzing and securing DoD or Information Technology systems for compliance with specifications, requirements and policies including hands on support under the application of DIACAP / RMF. Candidate must display and convey an understanding of computer security, military system specifications, DoD IA policies and the ability to communicate clearly and succinctly in written and oral presentations.
Work under general supervision to provide Cybersecurity engineering documentation services to build secure technical documentation for applications, systems, architectures, and infrastructure that are operationally viable and efficient. Assist with leveraging security policies and procedures to protect the organization’s systems and information while enabling achievement of organization’s objectives. Update and maintain core enterprise lifecycle documents, including system security plan, security assessment plan and report, contingency plan, standard operating procedures, remediation plans, and configuration management plan.
Job Duties and Responsibilities;
You could also be asked to:
Due to the sensitivity of customer related requirements, U.S. Citizenship is required.
Preference to those with;
Experience in coordination of;
Experience in ITIL framework
Experience with conducting internal security reviews/audits of responsible government systems
Ability to work with technical subject matter experts, including hardware and software designers, operations personnel, and test engineers and communicate potential security risks and mitigations
Ability to develop and present briefings to technical and senior management audiences and communicate assessment results, risk analyses, mitigation strategies, and forward plans
Experience with DoD Certification and Accreditation (C&A) process, DoD Authorization & Accreditation including familiarity with Risk Management Framework (RMF) and the process to obtain an Authority to Operate (ATO).
Strong English communication skills with ability to communicate clearly and succinctly in written and oral presentations.
SMS is an Equal Opportunity Employer.
SMS is a veteran-owned network integrator established in 1976. With an employee retention rate averaging over 5 years, our ability to hire quality people and retain them in a rapidly evolving IT market proves why we are a world-class information technology company. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices. As a result, SMS is proud to be ISO 9001:2008 Registered and a CMMI Level 3 certified company, ensuring that we continue to meet and exceed the expectations of our customers, partners and employees.