What are the responsibilities and job description for the Information Assurance Team Lead position at By Light Professional IT Services LLC?
Overview
Daily Job Responsibilities:• Provide technical leadership and support to an RMF 4 Independent Assessment Team which is responsible for providing technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems.• Responsible for ensuring that all system deliverables comply with Information Assurance policy, specifically NIST 800-53, Information Assurance Implementation.• The team is responsible for providing technical leadership in designing and implementing sound test strategies and plans associated with platform development, infrastructure management and implementations in order to identify risks and increase efficiencies.
Responsibilities
Duties will include (but are not limited to):• Based on OMB, NIST, and client specific guidance, process and related documentation, the team will develop and submit Security Authorization Packages.• Brief review findings with system owners and ISSOs (optional). At that time, the system owner will have a chance to discuss findings for clarification and/or correction.• Make recommendations to correct RMF documentation and process deficiencies discovered while conducting reviews of completed or closed POA&M and RMF Packages.• Assess vulnerabilities of the client systems.• Define system security requirements in accordance with applicable IA requirements.• Ensure that the implementation of security designs properly mitigate identified threats.• Provide input to Assessment Process activities and assist in updating/creating relevant SOP's.• Manage the Assessment Process for systems assigned to the team.
Required Experience/Qualifications
Required Skills:• Ability to manage and mentor an assessment team.• Exceptional verbal and written communication skills including briefings and debriefings of client personnel including Information System Security Officers (ISSO), System Owners and Chief Information Security Officer (CISO)• Thorough knowledge of, and experience with, the NIST 800 series publications to include: 800-30, 800-37, 800-53, and 800-53a.• Previous experience creating all necessary Assessment and Authorization documentation. Experience should clearly be defined in resume.• Ability to manage team members handling authorization packages for multiple systems of different size and complexity. Experience should be outlined in resume.• Experience conducting security scans and developing findings
Preferred Experience/Qualifications
Preferred Skills:Proficiency evaluating and analyzing results from the following set of tools, to include but not limited to Xacta, Nessus Pro and Security Center (SCCV), and Oracle
Special Requirements/Security Clearance
Clearance Level (Required to Start): Secret (or Interim Secret)
Degree & Years of Experience:Bachelor’s degree and 10 years of experience or equivalent experience in lieu of a degree.
Certification Requirements:Either of the following:Certified Information Systems Security Professional (CISSP) or ability to obtain within 6 monthsCertified Authorization Professional (CAP) or ability to obtain within 9 months
Travel Requirement:Less than 10% travel to local customer sites in Washington DC for Customer MeetingsAdditional Information: Work to be performed site in McLean, VA