Information Systems Security Representative (4660)

SMX•Washington, DC

1d•$99,000 - $166,500•Onsite

About The Position

Law Enforcement Agency OCIO's organization is providing Information Systems Security as a Service and requires ISSRs to support cybersecurity stakeholders. This position is on site in Washington, DC and requires an active Top-Secret clearance. Essential Duties & Responsibilities: Ensure that FBI ISs are operated, maintained, and disposed of in accordance with the internal security policies and practices outlined in the approved Security Assessment and Authorization (SAA) package Manage the SAA process for new FBI ISs and legacy FBI ISs migrating into the GRC application Provide baseline security controls to the system owner, contingent upon the IS’s security categorization, type of information processed and entity type Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems’ impact levels and ISs’ authorization boundary Ensure that new entities are created in the GRC application with the security categorization of FBI ISs. Initiate, coordinate, and recommend to the FBI Authorizing Official all Interconnection Security Agreement (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an FBI IS with any non-FBI or joint-use IS. Perform an independent review of the System Security Plan (SSP) and make approval decisions. Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the FBI Authorizing Official. Schedule security control assessments in coordination with the system owner. Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the FBI Authorizing Official for a security ATO decision. Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number. Advise the FBI Authorizing Official of IS vulnerabilities and residual risks. Ensure that all POA&M actions are completed and tested. Coordinate initiation of an event-driven reauthorization with the FBI Authorizing Official. Ensure the removal and retirement of FBI ISs being decommissioned, in coordination with the SO, ISSO, and ISSR.

Requirements

At least 7 years serving as an ISSR at a cleared facility.
Minimum of 10 years work experience in a computer science or Cybersecurity related field.
Hold Aat least one of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 IAM Level III proficiency.
Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications
Active Top-Secret security clearance

Nice To Haves

A bachelor's or advanced degree in Computer Science, Cybersecurity, or other cyber discipline is preferred
Experience supporting a federal law enforcement agency

Responsibilities

Ensure that FBI ISs are operated, maintained, and disposed of in accordance with the internal security policies and practices outlined in the approved Security Assessment and Authorization (SAA) package
Manage the SAA process for new FBI ISs and legacy FBI ISs migrating into the GRC application
Provide baseline security controls to the system owner, contingent upon the IS’s security categorization, type of information processed and entity type
Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems’ impact levels and ISs’ authorization boundary
Ensure that new entities are created in the GRC application with the security categorization of FBI ISs.
Initiate, coordinate, and recommend to the FBI Authorizing Official all Interconnection Security Agreement (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an FBI IS with any non-FBI or joint-use IS.
Perform an independent review of the System Security Plan (SSP) and make approval decisions.
Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the FBI Authorizing Official.
Schedule security control assessments in coordination with the system owner.
Coordinate IS security inspections, tests, and reviews with the Security and system owner.
Submit the final SAA package to the FBI Authorizing Official for a security ATO decision.
Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number.
Advise the FBI Authorizing Official of IS vulnerabilities and residual risks.
Ensure that all POA&M actions are completed and tested.
Coordinate initiation of an event-driven reauthorization with the FBI Authorizing Official.
Ensure the removal and retirement of FBI ISs being decommissioned, in coordination with the SO, ISSO, and ISSR.