Security Specialist - Risk Management Framework
Job Description
Prepare security documentation for seven systems to include test plan, security plans, hardware list, software list data flow diagrams, standard operating procedures, policies and network diagrams, topological drawings to illustrate the interconnection between the systems and or networks.
- Ensure proper use of remote access connectivity from NGA to the Personnel Security and Background Investigation systems approved by NGA’s CIO and Information Technology Services Directorate (CIO-T) office and maintained in accordance with NGA’s policy and procedures.
- Services offered ensure the File Transfer Protocol (FTP) connections from NGA to the Background Information system meet NGA and National Institute of Standards and Technology (NIST) requirements.
- Data sensitivity and coordinating use of multiple security countermeasures to protect the integrity of the information assets in the enterprise is an overarching goal, in addition to protecting and ensuring data sensitivity is being enforced.
- Ensure the user community of this network is in conformance with all computing standards of NGA.
- Information exchange security ensures the site-to-site VPN tunnels are established based on the NGA and Department of Defense (DoD) requirement.
- Rules of behavior the Personnel Security and Background Investigation systems, users are protecting the data in accordance with NGA and DoD policies, standards, regulations, and procedures for the specified systems.
- Formal security policy and procedures ensure investigation operations will follow accreditation standards using Intelligence Community Directive (ICD) 503, RMF, categorizing methods of High Confidentiality, High Integrity, and Moderate Availability level.
- The contractor is expected to protect the Background Investigation systems through implementation of security controls that protect against malicious behavior to include intrusion, tampering and virus between the two systems.
- Audit trail responsibility provides a means to detect, prevent, record in an audit trail and report to the Information System Security Officer (ISSO) any attempts by non-authorized users to access the system. Provide audit logs to NGA monthly.
- Ensure security parameters controls that were identified by NGA be augmented by policies and procedures.
- Ensure Security categorization of High Confidentiality, High Integrity and Moderate Availability based on the information types are followed.
- Training and awareness of system, contractors are required to complete annual refresher IT Security Awareness training as well as additional security training based on their Security Specialist roles and responsibility.
- Specific equipment restrictions and document interconnections are required for all systems.
- Ensure no personal computers or other agency computers will be used across the interconnection or on the NGA Networks.
- As part of the monthly report, conduct vulnerability scans bi-weekly and Security Technical Implementation Guide (STIG) System scans every three months and provide results of scans.
Required Skills
- Excellent customer service skills and excellent people skills.
- Proven communication skills – verbal, written and listening.
- Excellent attention to detail skills.
- Able to work effectively according to a schedule and with minimal direction.
Qualifications
- Active Top Secret SCI security clearance.
- Bachelor’s degree and 7+ years of equivalent experience within related field.
- Active CompTIA Security + and/or CISSP experience.
- Experience with Risk Management Framework and accreditation.
- Knowledge of Cybersecurity policies and procedures.
Pay
$125,100.00 - $225,200.00
Schedule
Not specified
Benefits
We value our employees and want our employees to take care of their overall wellbeing, which is why we offer best-in-class benefits such as medical, dental, vision, paid time off, 401(k), life insurance, flexible work schedules, and holidays to fit your busy lifestyle!
Company Info
Parsons is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, veteran status or any other protected status. We truly invest and care about our employee’s wellbeing and provide endless growth opportunities as the sky is the limit, so aim for the stars!