Tetrad Digital Integrity LLC

Senior Information Assurance/Security Specialist

US-DC-Washington DC
2 months ago
ID: 2017-1097
# of Openings: 1
Category: Information Technology

Overview

TDI is seeking a Senior Information Assurance/Security Specialist to provide timely and accurate information assurance services and control testing using client-provided guidance, testing tools, and templates. These services are divided into two related disciplines: FISCAM Control Analysis and Testing (the “Federal Information System Controls Audit Manual”, FISCAM) and RMF Control Analysis and Testing for a system that is subject to the Risk Management Framework (DoD 8510.01), which is based upon the security control set contained in NIST SP 800-53 Revision 4.

Responsibilities

  • Analyze each FISCAM control, determine how it applies to the system, identify if or how the system meets the control objective, document the control technique, gather evidence, and then perform testing of the control.
  • Collaborate with the System Manager and COR to develop an overall annual Test Plan for the controls. Prepare test packages using a client-provided Microsoft (MS) Word document template, then enter them into a customer-built application in MS Access. For control tests that fail, develop a Deficiency Report (DR) and a Corrective Action Plan (CAP).
  • Analyze applicable RMF controls and assessment procedures and their relationship to the system and documentation. Special focus will be given to the controls that are currently non-compliant. Provide a recommendation to the System Manager (in writing) on what changes should be carried out to bring the system into compliance on the controls.
  • For assessment procedures that can be tested with existing documentation or existing system features, gather evidence and upload it into the Enterprise Mission Assurance Support Service (eMASS) system. Provide written test results for the assessment procedure to the System Manager and COR within four business days.
  • For controls that require long-term actions to achieve compliance, develop Plan of Actions and Milestones (POA&M) items for each. The POA&M items will be developed in collaboration with, and approved by, the System Manager.

Qualifications

  • Education and experience: Bachelor’s degree in a technology-related discipline. 4+ years of information assurance experience.
  • Skills: Experience with determining enterprise information assurance and security standards. Experience developing and implementing information assurance/security standards and procedures. Experience with assessing security controls based on DoD (DIACAP) or NIST 800-53 guidelines. Demonstrated ability to work independently or under only general direction. Proficiency in Microsoft Office products, including Excel, PowerPoint, and Word; strong interpersonal and communication skills with the ability to lead and work as part of a team; and demonstrated strong oral and written communication and client-facing skills.
