Vencore Information Assurance/Security Policy Engineer Senior Technical Specialist in Chantilly, Virginia

Overview

Vencore is a proven provider of information solutions, engineering and analytics for the U.S. Government. With more than 40 years of experience working in the defense, civilian and intelligence communities, Vencore designs, develops and delivers high impact, mission-critical services and solutions to overcome its customers most complex problems.

Headquartered in Chantilly, Virginia, Vencore employs 3,800 engineers, analysts, IT specialists and other professionals who strive to be the best at everything they do.

Vencore is an AA/EEO Employer - Minorities/Women/Veterans/Disabled

Responsibilities

Summary:

Individual would be responsible for gathering information necessary to provide recommendations in order to maintain a system’s security posture. Would create and maintain the security documentation for certification and accreditation (C&A) and review system designs and proposed changes to identify potential security weaknesses.

Provides technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems. Designs, develops and implements security requirements within an organization’s business processes. Prepares documentation from information obtained from customer using accepted guidelines such as DITSCAP (DoD Information Technology Security Certification and Accreditation Process). Prepares Security Test and Evaluation plans.

Conducts security program audits and develops solutions to lessen identified risks. Develops strategies to comply with privacy, risk management, and e-authentication requirements. Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements. Evaluates, develops and enhances security requirements, policy and tools. Provides assistance in computer incident investigations. Performs vulnerability assessments including development of risk mitigation strategies.

Qualifications

Requirements:

  • Minimum of a TS with SCI eligibility
  • Past experience with a DHS or related program
  • Communicate with the system owner, senior leadership, and developer regarding security considerations of the system engineering life cycle
  • Develop and maintain security accreditation artifacts to include the Security Requirements Traceability Matrix (SRTM), System Security Plan (SSP), and others
  • Manage system Plan of Actions and Milestones (POA&M) to include the drafting of expectations and waivers as appropriate
  • Conduct assessments of system safeguards and controls and respond to external audits as required
  • Interview system administrators and support personnel to extract system functionality narratives
  • Control, label, virus scan and appropriately transfer data (upload/download) between information systems at varying classification levels
  • Conduct research and perform security analysis on the impacts of system designs, modifications, and technological initiatives.
  • Write and validate NIST 800-53Rev 4 control responses based on system documentation
  • Experience with DHS 4300 A policy a plus
  • Requires 12 to 15 years with BS/BA or 10 to 13 years with MS/MA or 7 to 9 years with Ph.D.

Desired Skills:

CISA Certification

CISM Certification

Network Admin / Engineering background prior to ISSO experience

Job ID 2018-50519

# of Openings Remaining 1

Category Engineering

Residency Status U.S. Citizenship Required

Clearance Top Secret/SCI

Employee Type Regular

Time Type Full Time