IA Engineer/POA&M Manager Information Technology (IT) - Vienna, VA at Geebo

IA Engineer/POA&M Manager

Apertus Partners is an Economically Disadvantaged Woman Owned Small Business, headquartered in Leesburg, VA HUBZone. We provide IT managed services and contracting support in both the federal and commercial space.

Clear. Concise. Results.

Description:
As a direct report to the Program Manager, the IAE/Plan of Actions and Milestones (POA&M) Manager functions as an information system security subject matter expert (SME) on FISMA, NIST standards and guidelines, Privacy Act, HIPAA, E-Gov, OMB Circulars A-11 and A-130, and Clinger-Cohen as they apply to data and application security. Primary duty is POA&M Manager/SME. Manages and administers all POA&M tickets via the BMC Remedy ticket tracking application. Tracks and monitors all POA&M activity and reports metrics as required. Engages organizations outside of Consular Affairs / Consular Systems and Technology (CA/CST) to edit, submit, complete, and close out POA&M tickets as necessary.

Secondarily, the IAE is responsible for Assessment and Authorization (A&A) activities for CA/CST automated information systems (AIS) and provides A&A support for domestic and overseas deployed systems. In addition, the IAE tracks and reports status, and brings any obstacles that may impact the completion of the A&A to the attention of the IAE Team Lead and the Project Manager (PM) in a timely manner. The IAE ensures that A&A packages are submitted to IA and follows up to ensure IA approval is obtained prior to systems' Authorized to Operate (ATO) expiration date. The IAE's daily functions include:

Serves as the primary IAE lead for Visa, Passport, American Citizen Overseas or CA Support for High, Moderate, and Low information systems and drives the overall A&A life-cycle process in accordance with the Department CA/CST System Development Life-Cycle (SDLC). Monitors the systems' security posture via iPost. Analyzes production system configuration change requests (CCR) of existing systems to determine security impact using the Planned Change Comparative Analysis (PCCA) process, and initiates required actions to maintain security posture and authorization status. Conducts weekly or monthly meetings with Government Task Managers (GTMs) and developers. Schedules and facilitates the boundary meeting, RMF Steps 1-3 Kick-off (RMF1-3KO) meeting, and RMF Step 6 Kick-Off (RMF6KO) meeting, and attends the RMF Step 4 Kick-off (RMF4KO) meeting and finding meetings. Gathers required information to support system authorization by organizing technical working groups, conducting fact-finding interviews, attending system demos, assessing system security categorization (SCF) levels, establishing the system security control baseline, and acting as a security advisor to the GTM during the security controls implementation. Develops and updates the following security application documentation:
Security Categorization Form (SCF)
E-Authentication Form (eRA)
System Security Plan (SSP)

Supports the Contingency Plan (CP) SME and Privacy Impact Assessment (PIA) SME in the development of the following security application documentation within CACAMS:
Information System Contingency Plan (ISCP)
Privacy Impact Assessment (PIA)

Completes any data calls in a timely manner, including but not limited to quarterly POA&M data calls. Reviews, monitors and reports POA&M status to all parties including PM, ISSP GTM, System GTM and System Development Team, and System Operation Teams. Provides guidance to System GTMs and System developers as it relates to the A&A process using both the National Institute of Standards and Technology (NIST) Special Publication (SP) 800 series and Department Foreign Affairs Manual (FAM) guidelines. Assists and advises System GTMs and System developers in the design and development of secure systems architecture as well as industry best practices and information systems technologies available to meet AIS security requirements.

Certifications:
CISSP (desired but not required)
CAP (must have within 90 days of start)

Must haves:
Good people skills
Good technical writing skills
Strong team player
IT Security Experience
POA&M Experience
Bachelor's degree
Active Secret or higher clearance

Technical Skills:
Knowledge of Microsoft products (Word, Visio, Project), firewalls, switches, SANs, networking structures, databases, IIS, SDLC, etc.
Remedy experience is desired
Ability to learn new automated tools.

Estimated Salary: $20 to $28 per hour based on qualifications.
