n-Link Corporation was founded in 1995 as a high-end enterprise IT solutions firm attracting high-flying performers to join our company of owners. The founder of this woman-owned small business created an Employee Stock Ownership Plan (ESOP) in 1999, and 10 years later the company became 100% ESOP-owned. In 2011, the company was selected as one of the "Top Small Company Workplaces" by Inc. Magazine and was awarded the prestigious "Innovation Award" by the National Center for Employee Ownership (NCEO). n-Link has also won a place on Inc. Magazine's 500/5000 fastest growing companies list for several years.
This role will entail leading tasks for the organization's Federal Information Security Management Act (FISMA) business activities within various internal and external boundaries, including core infrastructure, hosted application delivery, and security operations as they relate to servers and applications, as well as IT policy, high-impact systems, and cloud managed services and applications assessment and review in support of authorizations to operate (ATOs).
You will act as a subject matter expert in the FISMA and Security Assessment & Authorization (SA&A) lifecycle process. You will be responsible for planning, developing, finalizing, and reviewing key deliverables in each stage of the SA&A process. As a result, a strong understanding of the standards and requirements outlined by FISMA, NIST, the Office of Management and Budget (OMB) and others is required.
* Support FISMA security assessment and authorization (SA&A) tasks and activities for various general support systems (GSS) and major/minor applications (MA). Work face-to-face with Mission Solutions & Mission Operations key personnel: interviewing, planning, or participating in a team effort to bring multiple complex systems to an accreditation-ready state.
* Conduct technical reviews of new and existing IT systems in order to identify the appropriate control identification & mitigation strategies required to bring these systems into compliance with established policy and industry guidelines.
* Prepare authorization to operate (ATO) documents and supporting artifacts.
* Interact with Security, Engineering, and Operations support teams.
* Create POA&Ms.
* Initiate and verify the completeness of authorization or re-authorization of all systems.
* Monitor and maintain current knowledge of applicable Federal and organization security laws, memorandums, mandates, guidance, and alerts.
* Collaborate with system owners and support staff to understand system requirements, and provide guidance on how to best protect their applications in accordance with NIST.
* Possess active TOP SECRET security clearance
* Bachelor's degree and seven (7) or more years of job-related experience (or equivalent combination). Four (4) or more years of progressive information security experience with Federal Government projects preferred
* Possess an industry-recognized certification, which can include, but is not limited to:
  * Certified Authorization Professional (CAP)
  * Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM)
  * Certified Information Systems Security Professional (CISSP)
  * Certified Ethical Hacker (CEH)
* Knowledge of FISMA and NIST SP 800-53 requirements, and cybersecurity principles
* Strong customer-service attitude, and ability to multi-task and work independently
* Strong knowledge and experience with the most recent FISMA regulations, NIST special publications, FIPS publications, and OMB regulations
* Demonstrated knowledge of Federal regulations and standards, such as the Federal Information Security Management Act (FISMA), Special Publication 800-53, and the standards and guidance published in National Institute of Standards and Technology (NIST) Special Publications.
* Experience with security control assessment (SCA) testing
* Knowledge of system security plans (SSP), and security risk and vulnerability assessments
* Familiarity with the System Development Lifecycle (SDLC)
* Experience creating and reviewing detailed authorization to operate (ATO) package documents such as some of the following: SSP, SAR, CP, CMP, and POAM
BENEFITS & PERKS:
n-Link provides competitive benefits, including Medical, Dental, Vision, 401K and an Employee Stock Ownership Plan (ESOP).