Information Security Specialist
DatamanUSA, LLC - Washington, DC


Job ID: 2191473

Job Title: Information Security Specialist

Job Location: Washington DC

Job Type: CTH

Job Duration: 6 months

Roles And Responsibilities:
The qualified applicant will be supporting the USPS Corporate Information Security Office (CISO) in the security certification & accreditation of Postal Service information resources.

Required Key Skills

Provide Information Technology Security Certification and Accreditation (C&A) guidance.

Facilitate initial briefings and subsequent meetings of the C&A core team.

Coordinate the completion of a Business Impact Assessment (BIA) per the guidelines of USPS Handbook AS-805 Information Security for each information resource.

Work with the Privacy Office on privacy-related requirements.

Recommend security requirements to executive sponsors and portfolio managers during the BIA process based on generally accepted industry practices, the operating environment [e.g., hosted in the de-militarized zone (DMZ)], and the risks associated with the information resource.

Provide guidance on how information resources are vulnerable to threats, what controls and countermeasures may be appropriate, and the C&A process.

Review and evaluate C&A documentation, including the BIA, Risk Assessment, Security Plan, Security Test and Evaluation (ST&E) plan and report, and independent reviews of the information resource.

Prepare the C&A Evaluation Report.

Escalate security concerns or forward the C&A Evaluation Report and supporting C&A documentation package to the certifier.

Work with the Information Systems Security Officer (ISSO) to complete C&A artifacts and send the other required artifacts (e.g., Technical Architecture Diagram (TAD) and security specifications for procurements) to the ISSO.

To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:

Bachelor's degree in Information Technology or similar engineering discipline or an equivalent combination of education and training that provides the required knowledge, skills, and abilities to perform the roles and responsibilities.

Knowledge of one or more of the following NIST Special Publications: 800-12, 800-14, 800-18, 800-30, 800-34, 800-37, 800-39, 800-53, 800-53A, 800-61, 800-64, 800-95, 800-100, 800-122

Knowledge of FIPS Publication 199

Must be able to obtain a Position of Public Trust Designation

Desired Key Skills

Direct experience with any of the following Certification and Accreditation (C&A) programs/processes

National Information Assurance Certification and Accreditation Process (NIACAP)

Department of Defense Information Technology Security Certification and Accreditation Process (DITSCAP)

Systems Security Certification and Accreditation (C&A) within the Defense Logistics Agency (DLA) for Defense-in-Depth

Certification and Accreditation Process for Certifiers—Defense Information Systems Agency (DISA)

Knowledge of one or more of the following NIST Special Publications: 800-13, 800-21, 800-25, 800-28, 800-32, 800-40, 800-41, 800-44, 800-45, 800-46, 800-47, 800-48, 800-51, 800-57, 800-60, 800-63, 800-88, 800-92, 800-94, 800-111, 800-114, 800-115, 800-121, and 800-123

Knowledge of one or more of the following FIPS Publications: 180-3, 186-2, 190, 196, 197, and 198

One or more of the following credentials:
a) Certified Information Systems Security Professional (CISSP)
b) Certified Authorization Professional (CAP)
c) Certified Secure Software Lifecycle Professional (CSSLP)