SMS is seeking an Information Assurance Security Specialist – Journeyman to join our team supporting the United States Coast Guard in Springfield, VA. The Information Assurance Security Specialist is responsible for all Risk Management Framework (RMF) activities for implemented CDM technologies. You'll also work in a dynamic environment with other IA professionals using the latest technology.
As a dynamic systems integrator, SMS offers proven solutions in engineering, operations, cybersecurity, and digital transformation. With expertise in modernizing and optimizing legacy infrastructure and systems, ensuring operational efficiency, and designing, implementing, and managing secure environments, SMS supports business and mission goals with proficiency, quality, and integrity.
SMS has been serving the advanced information technology needs of the federal government since 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers’ missions for more than 40 years. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. For additional information on SMS, visit www.sms.com.
The Information Assurance Security Specialist – Journeyman will be responsible for the following:
• Provide the United States Coast Guard (USCG) with tailored documentation to support their security authorization.
• Support Security Test and Evaluation/Security Assessment activities.
• Support USCG system accreditation and Ongoing Assessment and Ongoing Authorization processes and activities to ensure the implementation of NIST SP 800-53 security controls.
• Manage all Information Assurance activities and be responsible for enabling the ongoing assessment and ongoing authorization of the CDM solution utilizing the Risk Management Framework (RMF) and automated Security Assessment and Authorization tools.
• Implement Risk Management Framework policy and application across the CDM program.
• Provide SME knowledge of NIST Security Controls and Control Implementation methodologies for the SA&A process.
• Develop and maintain the System Security Plan, Security Assessment Report (SAR), Plans of Action and Milestones, and other security documentation.
• Support POA&M remediation activities and the creation of POA&M closure documentation.
• In-depth knowledge of FIPS 199 Security Categorizations.
• Seasoned technical individual contributor who is a self-starter capable of working with other team members to achieve operational targets with significant impact on departmental results.
• Work independently with limited supervision.
• May be responsible for managing independent security-related projects/processes in support of USCG program requirements.
• Provide SME support and input supporting system design, solutions, and procedures.
• Responsible for assessing and developing authorization packages for technical solutions that may require collaboration with internal expertise and deep analysis of the technical solution.
• Collaborates and communicates with parties within and outside of own job function. May have responsibility for communicating with parties external to the organization (e.g., customers, vendors, etc.).
• Understands and supports Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).
• Facilitates and monitors information assurance (IA) processes for new projects, including the development of security authorization packages and the tracking of progress for all Security Control implementations and Plans of Action and Milestones (POA&M).
• Development of all Security Authorization artifacts and documentation and assembling of Authorization packages.
• Responsible for administration and adherence of the Risk Management Plan.
• Coordinate closely with the Quality Assurance Specialists in identifying and mitigating risk to meet established quality standards.
• 3+ years related work experience.
• DOD Secret
• Intimate understanding of NIST RMF implementation guidance.
• Well-developed understanding of Federal Civilian or DHS Security Assessment and Authorization (SA&A) processes.
• In-depth understanding of the relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process.
• Can demonstrate understanding of critical documentation required in Security Authorization (SA) Packages.
• Ability to understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).
• CSSP-AU certification
SMS is an Equal Opportunity Employer.
SMS is a veteran-owned network integrator established in 1976. With an employee retention rate averaging over 5 years, our ability to hire quality people and retain them in a rapidly evolving IT market proves why we are a world-class information technology company. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices. As a result, SMS is proud to be ISO 9001:2008 Registered and a CMMI Level 3 certified company, ensuring that we continue to meet and exceed the expectations of our customers, partners and employees.