Security Assessment and Authorization Specialist
Ke`aki Technologies, LLC, headquartered in Honolulu, Hawaii, is a Native Hawaiian Organization (NHO) owned business. A premier government services company, Ke`aki Technologies offers a full spectrum of solutions that improve the performance and operational effectiveness of our government and Department of Defense customers. Our mission synchronized solutions are designed to deliver exactly what our customers need, when they need it. From base and range operations to biomedical defense support to telecommunications and IT services, we deliver the exact talent, tools and technologies needed to meet mission requirements.
Ke`aki Technologies has an exciting opportunity for a Security Assessment and Authorization Specialist (SAAS ). The position will be located at the Securities Exchange Commission (SEC) located in Alexandria, Virginia. This position requires United States Citizenship and is contingent upon award.
The SAAS will provide IT Security program support to include providing support in developing and documenting SA&A Policy, procedures, guides, Security Assessment Reports (SARs) and IT security standards and plans. Successful candidates will have experience in analyzing audit and security testing findings and providing responses and recommendations and will identify IT risks and define appropriate mitigation approach and risk management processes.
- Support identification of and development of security-related projects at a Federal client
- Support FISMA reporting requirements and aid in data collection and validation for CyberScope reporting
- Ability to formulate and review policies and procedures for compliance with Federal mandates. Ability to draft or update policies to attain compliance.
- Develop Corrective Action Plans (CAPs) or similar
- Support internal audit process
- Input data and maintain information within automated information security management tools – RSA Archer experience a plus
- Manage and track security vulnerabilities provided by automated scanning tools, including tracking status of open issues
- Conduct security controls assessments in accordance with NIST SP 800-53a
- Create Security Assessment Reports in accordance with NIST guidance
- Support Security Working Group by providing logistical and organizational support, identifying topics of discussion, preparing presentations, keeping meeting minutes
- BS degree in IT or related major, or combined 5+ years of experience in Technical Writing, IT Security and Federal Governance.
- Ability to conduct Security Assessments in accordance with NIST SP 800-53a Rev. 1.
- Experience in developing Security Authorization risk assessments and FISMA response plans.
- Required knowledge of FIPS and NIST requirements and IT Security procedures.
- Familiarity and understanding of Federal environment.
- One or more security certifications, such as CAP, CISSP, etc. highly desirable.
- Familiarity with Federal POA&M and FISMA processes in order to provide coordination and support.
- Extensive knowledge in FISMA compliance, FIPS directives, the NIST SP 800 series, and OMB directives related to information security.
- Knowledge of IT Security requirements as pertain to the Exhibit 53 and Exhibit 300 submissions.
- Ability to prioritize and meet deadlines.
- Excellent critical thinking skills.
- Strong writing and communication skills.
- Ability to translate technical information for non technical personnel.
- Ability to interpret OMB memoranda related to information security and apply those requirements to the environment, or make recommendations for compliance.
- Ability to conduct security authorization assessments in accordance with NIST guidance.
CLEARANCE: Candidates must hold or be able to obtain a Public Trust clearance.
- Experience in conducting security authorization testing and annual assessments
- Experience and familiarity with Corrective Action Plans (CAPs).
- Experience developing Security Control Assessment Reports or similar.
- Experience with automated risk management tracking systems – RSA Archer experience desirable.
- Experience with CyberScope reporting requirements and gathering information to support.
- Experience in Common Security Configurations (DISA STIGs, CIS Benchmarks, etc) and NIST SP 800-70, Security Configuration Checklist Program for IT Products.)
- Experience in the U.S. Securities and Exchange Commission a plus.
LOCATION: Alexandria, Virginia
JOB TYPE: Full-Time
FLSA STATUS: Exempt
Ke`aki Technologies LLC is a fast growing government service provider. Employees enjoy competitive salaries; a 401K plan with company match; medical, dental, disability, and life insurance coverage; tuition reimbursement; paid vacation and sick time; and 10 paid holidays.
For additional information on Ke`aki Technologies, LLC, please visit www.keakitech.com.
Ke`aki Technologies, LLC is proud to be an Equal Opportunity Employer/Affirmative Action Employer (EEO/AA) and applicants will be considered without regard to race, color, religion, age, sex, disability, national origin, marital status, or genetic information.