Risk Management Engineer
Company Name:
OBXTek
IA Risk Management Engineer
POSITION based out of Tyson's Corner, VA (HQ office)
Information Technology Washington DC, DC, United States
REQUIRED : CISSP or CAP, Oracle Certification, Bachelors Degree, Security and IT experience
Recommended: CISSP, Masters Degree in related field, other IT and Security related Certifications
The Risk Management (RM) Engineer functions as an information system security testing subject matter expert (SME) by providing expertise in developing and implementing security testing for multiple Consular Affairs/Consular Systems and Technology (CA/CST) systems during the Annual Control Assessments (ACAs). In addition, the RM Engineer tracks and reports status, and brings any obstacles that may impact the completion of the ACA to the attention of the PM of RM Team Lead in a timely manner. The RM Engineer ensures that ACA packages are submitted to IA and follows up to ensure IA approval of ACAs prior to fiscal year end. The RM Engineer has the following roles:
Annual Control Assessment (ACA) Engineer: The ACA Engineer is responsible for conducting and completing Annual Control Assessments for all Department of State CA Automated Information Systems (AIS) as part of continuous monitoring. This responsibility requires the engineer to complete work in a timely manner, conduct technical testing, and interview various government employees and contractors. This position requires a working knowledge of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 and previous experience with the technical security testing of various types of software (e.g., MS SQL Server, Windows, Linux, Oracle, and Internet Information Server). The ACA Engineer should be familiar with Commercial-Off-The-Shelf (COTS) products used to facilitate the Assessment and Authorization (A&A) of systems. The ACA Engineer is responsible for entering all ACA results into the Consular Affairs Certification and Accreditation (CACAMS) COTS application and creating Plan of Action and Milestones (POA&M) that result from the ACA so that are actionable with realistic dates.
Plan of Action and Milestones (POA&M) Reviewer: The POA&M Reviewer is responsible for the analyzing and assisting in the remediation of all Plan of Action and Milestones (POA&M) for all systems within the CA Bureau. This responsibility includes identifying POA&M items with the stakeholder that can be resolved and reporting items closed or opened to the POA&M Manager in a clear and concise manner. The POA&M Reviewer interacts with various teams including government, operations, and development to reduce the number of POA&M findings.The POA&M Reviewer also conducts POA&M reviews of Certification findings prior to IA submission.
Please send resume to or call 703 639 0861Estimated Salary: $20 to $28 per hour based on qualifications.
OBXTek
IA Risk Management Engineer
POSITION based out of Tyson's Corner, VA (HQ office)
Information Technology Washington DC, DC, United States
REQUIRED : CISSP or CAP, Oracle Certification, Bachelors Degree, Security and IT experience
Recommended: CISSP, Masters Degree in related field, other IT and Security related Certifications
The Risk Management (RM) Engineer functions as an information system security testing subject matter expert (SME) by providing expertise in developing and implementing security testing for multiple Consular Affairs/Consular Systems and Technology (CA/CST) systems during the Annual Control Assessments (ACAs). In addition, the RM Engineer tracks and reports status, and brings any obstacles that may impact the completion of the ACA to the attention of the PM of RM Team Lead in a timely manner. The RM Engineer ensures that ACA packages are submitted to IA and follows up to ensure IA approval of ACAs prior to fiscal year end. The RM Engineer has the following roles:
Annual Control Assessment (ACA) Engineer: The ACA Engineer is responsible for conducting and completing Annual Control Assessments for all Department of State CA Automated Information Systems (AIS) as part of continuous monitoring. This responsibility requires the engineer to complete work in a timely manner, conduct technical testing, and interview various government employees and contractors. This position requires a working knowledge of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 and previous experience with the technical security testing of various types of software (e.g., MS SQL Server, Windows, Linux, Oracle, and Internet Information Server). The ACA Engineer should be familiar with Commercial-Off-The-Shelf (COTS) products used to facilitate the Assessment and Authorization (A&A) of systems. The ACA Engineer is responsible for entering all ACA results into the Consular Affairs Certification and Accreditation (CACAMS) COTS application and creating Plan of Action and Milestones (POA&M) that result from the ACA so that are actionable with realistic dates.
Plan of Action and Milestones (POA&M) Reviewer: The POA&M Reviewer is responsible for the analyzing and assisting in the remediation of all Plan of Action and Milestones (POA&M) for all systems within the CA Bureau. This responsibility includes identifying POA&M items with the stakeholder that can be resolved and reporting items closed or opened to the POA&M Manager in a clear and concise manner. The POA&M Reviewer interacts with various teams including government, operations, and development to reduce the number of POA&M findings.The POA&M Reviewer also conducts POA&M reviews of Certification findings prior to IA submission.
Please send resume to or call 703 639 0861Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
