Cadre, LLC has a career opportunity available for an on-site, full-time Technical Professional to join our team of highly qualified and diverse individuals at NAS Patuxent River, Maryland.
Duties and responsibilities:
The selected candidate will serve as an Information Systems Security Officer (ISSO) for government information systems in support of a NAVAIR program.
Perform extensive assessments of systems and networks within the networking environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy by performing passive evaluations (compliance audits) and active evaluations (vulnerability assessments).
Establish strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of systems including:
- process support;
- analysis support;
- coordination support;
- security certification test support;
- security documentation development/support;
- investigations;
- software research;
- hardware introduction and release;
- emerging technology research inspections; and
- periodic audits.
Assist in the development and implementation of the required government documentation or policy (i.e., RMF, NISPOM, JSIG) and make recommendations on process tailoring.
Perform extensive analysis to validate established security requirements and to recommend additional security requirements and safeguards.
Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of test results, and preparation of required reports.
Periodically conduct a review of each system's audits and monitors corrective actions until all actions are closed.
Required qualifications:
- Bachelor’s degree in computer and architecture information systems management or related field from an accredited college or university or equivalent experience is required.
- An additional four (4) years of relevant experience may be substituted for a bachelor’s degree
- Two (2) years of experience with mid-sized client/server systems in systems analysis, software design, software development, and system administration is required.
- Experience with DoD M5205.07 Series, Risk Management Framework (RMF) requirements as well as experience in drafting, submitting, and maintaining RMF packages is required.
- Knowledge of quality assurance, quality control, and independent verification and validation techniques is required.
- Experience working independently and as part of a team in researching data, developing analytical techniques and methodologies is required.
- Experience managing secure Information Systems (IS) and databases while implementing and maintaining cross-domain solutions is required.
- A current Information Assurance Manager (IAM) Level I certification in accordance with DoD 8570.01-M, or the ability to gain the IAM Level I certification within six months is required.
- Selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information. A current Top-Secret clearance with a Single Scope Background Investigation (SSBI) completed within the last 5 years is required.
Preferred qualifications:
- Experience with Risk Management Framework (RMF) in accordance with NIST SP 800, Joint Special Access Program Implementation Guide (JSIG).
- Knowledge in the development and maintenance of system security plans and contingency plans for all systems under their responsibility.
- Experience in drafting, maintaining, and planning System Security Checklists, Privacy Impact Assessments, and Authority to Operate (ATO) artifacts.
- Experience in developing Plan of Action and Milestones (POA&M) documentation for identified vulnerabilities and ensure compliance through monthly / quarterly updates.
- Understanding of maintenance and inventory process for information Security Systems.
- Experience in developing a variety of Assessment & Authorization deliverables, including System Security Plan (SSP), Security Assessment Report (SAR), Contingency Plan (CP) and Plan of Action and Milestones (POA&M) for review and approval for Authorization Official.
- Knowledge in monitoring and conducting Security Control Assessment to ensure all controls meet security requirements as stipulated in the SSP, NIST SP 800-53, JSIG.
- Experience in communicating technical Information to non-technical personnel.
- Experience in coordinating with Leadership across the organization to ensure timely compliance.
- Experience in developing waivers and exceptions for information system vulnerabilities.
- Knowledge of quality assurance, quality control, and independent verification and validation techniques.
- Experience working independently and as part of a team in researching data, developing analytical techniques and methodologies.
Cadre, LLC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
Benefits for full-time employees:
- Work-Life balance
- Gratifying culture
- Employer-shared health, dental, and vision insurance
- 401(k) and employer matching contributions
- Paid leave
- Eleven (11) paid holidays
Job Type: Full-time
Schedule: Eight-hour shift
Security clearance: Top Secret (preferred)
Work Location: In person
About Cadre, LLC
Cadre, LLC is an economically disadvantaged women-owned small business in Maryland. We believe that our customer support should be smart, sure and surprising, with employee support beyond the limits for all hands who contribute in all ways to Cadre’s mission.
Pay: $125,000.00 - $175,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Paid time off
- Retirement plan
- Vision insurance
Work Location: In person