Acquisition Security Principal

About The Position

Requirements

• Master’s degree
• 15 years of general work experience
• 10 years of which must be in acquisition security
• TS/SCI Clearance required

Responsibilities

• Provide subject matter expertise to all acquisitions and security documentation related to the DoD RMF (DoDI 8510.01); DoDI 8500.01, and DoDI 8580.1, IA Implementation in the Defense Acquisition System; and other applicable statutes, regulations, and policies.
• Plan, advise, and execute the activities needed for programs/projects to meet the principles, criteria, procedures, and guidance of the NSA Unified Information Security (INFOSEC) Criteria and cryptographic certification process.
• Perform acquisitions planning to ensure contracts contain the proper specifications for NSA Type 1 certification and RMF deliverables.
• Author, monitor, and record system information in RMF Knowledge Service.
• Prepare and record system, security status, and portfolio management information into the Enterprise Information Technology Data Repository for Federal Information Security Management Act; Security, Interoperability, Supportability, Sustainability, Usability; Clinger Cohen Act; and other statutory compliance.
• Author, review, certify, and/or maintain IA and security management plans to include RMF Implementation Plans, System Security Management Plans, Information Support Plans, PPPs, Security Risk Analyses, Security Vulnerability and Countermeasure Analyses, Security Concepts of Operations, OPSEC Plans, and other system/network security related documents.
• Provide review, analysis, reporting, and tracking of Contractor IA and security activities and deliverables to include Contractor planning, development, implementation, and adherence to DoD IA policy, directives, instructions, and processes.
• Author and review acquisition security related sections of all applicable acquisition and contracting program documentation.
• Coordinate Trusted Systems and Networks and Supply Chain Risk Management evaluation of program information, software, and hardware throughout the program life cycle.
• Maintain or assist in maintaining a database log that reflects receipt, storage, inventory, and disposition of classified information to include data entry, updates, and generation of reports.
• Perform continual analysis, prepare, and present IA and system security management for related reports and reviews.
• Perform audits of Government classified holdings to ensure proper tracking and accountability.
• Maintain a database of classified visits and associated clearance levels.
• Perform or assist in performing inspection, inventory, logging, storage, documentation, transmittal, and internal distribution of classified information received.
• Review and evaluate Contractor classified data submissions for compliance with the appropriate SCG.
• Provide or assist in providing security evaluation and protection to areas where classified information is stored.
• Assist in developing or establishing security procedures and policies.
• Ensure required security documentation (DD Form 254 etc.) is properly tailored and included in procurement packages for systems acquisition.