Responsible for managing the interaction with System Owners and departments in preparing systems for the Accreditation & Authorization (formerly C&A) process.
Coordinate with Development and Infrastructure Teams to respond to all questions from external & internal auditors.
Provide management of status and mitigation process for pending vulnerabilities.
Perform update & management of contingency planning documentation including Business Impact Analysis, Information System Contingency plans, recovery checklists, and lessons learned.
Update & management of Plans of Action and Milestones (POA&Ms) and system information and documentation managed in the Cyber Security Assessment Management tool (CSAM), along with other items required for Department FISMA, DHS, & OIG reporting.
Work with IT staff and other administrative areas to gather/manage MARAD-wide security documentation.
Support the Information Security Office Awareness and training efforts.
Complete all tasks assigned by the ISSO/ISSM.
Bachelor’s Degree with 6+ years of relevant professional security experience.
Business Continuity and Disaster Recovery Planning
Information Security Governance and Risk Management
Operations Security, including Change Control Mgmt.
Technical experience in systems management and network management.
CISSP, CISA or CDRP Certification.
Experience with Tripwire or BigFix, a plus.
Demonstrated ability to handle concurrent tasks.
Effective organization and problem-solving skills.
Ability to communicate effectively both orally and in writing.
Ability to work as part of a team and independently.
Clearable for Public Trust Clearance