TDI is seeking an Information System Security Officer to join our team in support of our customer’s Contingency Program based in the DC Metro area.
Develop an annual Information System Contingency Planning (ISCP) program of work plan and schedule based on age of previous documents, required update cycles, and system updates to include third-party Federal Risk and Authorization Management Program (FedRAMP) certified cloud providers.
Develop and/or annually revise IT Business Impact Analyses (BIAs) to include business processes and IT dependencies for up to 50 approved or in-progress customer IT systems.
Utilize virtual means to collect BIA data, including, but not limited to, survey forms, telephone calls, and electronic mail.
Perform annual review and analysis of the CIO Continuity of Operation (COOP) related documentation, ISCPs, and other recovery plans for NIST, the customer, and other Federal policy and standards compliance in order to produce checklists for up to 50 approved or in-progress customer IT systems.
Annually update the nation-wide customer CIO’s COOP plans based on age of previous documents, required update cycles, and organizational changes.
Create and/or annually revise CIO Crisis Management Plans (CMP), Business Resumption Plans (BRP), communications and other contingency related documents or plans based on age of previous documents, required update cycles, and organizational changes.
Utilize customer’s and/or TDI templates where available for plans, checklists, and reports.
Monitor and track IT system Contingency Plan (CP) program related document postings in the customer’s CSAM tool to produce quarterly status reports with relevant metrics.
Include summary of efforts and metrics as part of the monthly program reviews.
Conduct and document annual notification drills for up to 50 approved customer IT system ISCPs. One drill to be conducted every fiscal year.
Conduct and document annual tabletop CIO COOP exercise for enterprise level leadership and personnel.
Organize, observe, and document recommendations from tabletop and/or functional COOP or other CP related exercises at nation-wide customer sites for up to two locations each calendar year.
Produce test plans, draft after action reports, final after action reports, and other documents for government review and comment. Utilize the customer’s and/or TDI templates where available.
Manage customer’s CIO COOP SharePoint site to include updates of membership, posting relevant COOP related documents, and performing quarterly reviews of content and membership.
Bachelor’s degree in Computer Science, Cyber Security or related discipline. Equivalent experience can be used in lieu of education.
Minimum five (5) years of information security experience with at least two years performing System Assessment and Authorization in accordance with NIST guidelines.
Experience developing System Security Plans, performing Security Assessments, developing ATO packages, and managing POA&Ms.
Good knowledge of NIST Risk Management Framework (RMF). Experience assessing, mitigating, and tracking risks and vulnerabilities.
Excellent written and verbal communication skills.