COPPER RIVER ENTERPRISE SERVICES

  • Security Assessment & Authorization SME II

    Job Location
    VA-Crystal City
    # of Openings
    1
    Security Clearance
    Active Secret
    Percentage of Travel Required
    10% or less
    Type
    Regular Full-Time
  • Responsibilities

    • Advise government program managers on security testing methodologies and processes
    • Perform system analysis, system audits, system monitoring, security control assessment/testing (or ST&E), risk management, and incident response
    • Evaluate certification documentation and provide written recommendations for accreditation to government PM’s
    • Evaluate IT threats and vulnerabilities to determine whether additional safeguards are needed
    • Conduct certification tests that include verification that the features and assurances required for each protection level are in place
    • Conduct and coordinate IS security inspections, tests, and reviews
    • Experience preparing the final Security Assessment Report (SAR) containing the results and findings from the assessment
    • Initiate a POA&M with identified weaknesses and suspense dates for each IS based on findings and recommendations from the SAR

    Qualifications

    • Education:
      • Bachelor’s degree
      • Computer security certification (CISSP, CCSP, CISM, GSLC, or CASP)
      • 6+ years of relevent experience
    • Required Knowledge/Experience:
      • Working knowledge of various hardware platforms and software applications:Operating Systems: Red Hat Linux Enterprise v6.x, Windows Server 2016, Windows Server 2012 R2, VMware vSphere ESXi v6
      • Applications: eMASS, CSAM, Xacta, Tenable Nessus Security Center
      • Web/Database: MySQL, Oracle Database, Microsoft SQL Server 2008 R2 Standard
      • Must have a good understanding of SDLC and RMF Process
      • Experience advising government program managers on security testing methodologies and processes
      • Experience performing system analysis, system audits, system monitoring, security control assessment/testing (or ST&E), risk management, incident response
      • Experience evaluating certification documentation and provide written recommendations for accreditation to government PM’s
      • Experience reviewing system security to accommodate changes to policy or technology
      • Evaluate IT threats and vulnerabilities to determine whether additional safeguards are needed
      • Experience advising the government concerning the impact levels for Confidentiality, Integrity, and Availability for the information on a system
      • Experience conducting certification tests that include verification that the features and assurances required for each protection level are in place
      • Experience with conducting and coordinating IS security inspections, tests, and reviews
      • Experience assessing changes in the system, its environment, and operational needs that could affect the accreditation
      • Experience preparing the final Security Assessment Report (SAR) containing the results and findings from the assessment
      • Experience with Initiating a POA&M with identified weaknesses and suspense dates for each IS based on findings and recommendations from the SAR
      • Experience performing risk assessments and make recommendations to customers
    • Preferred Knowledge/Experience:
      • Bachelor’s preferably in Information Systems, Computer Engineering, Computer Science, Cyber Security, or equivalent experience

    Other Responsibilities

    • Perform other tasks consistent with the goals and objectives of the department/contract
    • Perform other duties as assigned by Sr Program Manager

     

    Invest in a company that invests in you! Copper River provides its employees with ample opportunities for career growth and development. Tuition reimbursement is offered to help employees further their education and skillset. Other perks include Open Leave, 401k matching with immediate vesting, Medical, Vision, and Dental coverage.

     

    EEO/AA Employer Minorities/Females/Vets/Disability

     

    Disclaimer: The above statements are intended to describe the general nature and level of work performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed