• Bachelor’s degree in IA/IT or equivalent hands-on experience in Information Assurance.
• CAP, CISSP, CISM or CISA preferred
• Working knowledge of DODIIS C&A, DIACAP, and NIST 800-53
• Knowledge of system security plans, risk assessment, security tests, and evaluation activities
• Candidates must be able to communicate technical information in a clear and concise manner.
  
• Candidates must currently have a security clearance at the TS/SCI level.
  

• Manage the formal risk management process.
• Manage Security Controls Assessment of multiple systems.
• Review and evaluation of information systems security documents provided and/or required for on-going and/or potential contracts.
• Provide weekly and quarterly status reports to management.
• Develop and implement improvements in information security program.
• Coordinate, author, and deliver presentations to management.
• Manage information security documents such as policies, procedures, and systems security plans.
• Manage information systems security requirements for multiple programs operating in multiple data centers.
• Provide regular, on-going penetration testing.
• Test and audit compliance with information systems security policies and procedures.
• Author information security documents, such as Systems Security Plans.

Knowledge, Skill and Abilities Required:

• ST&E and Penetration testing and vulnerability analysis & scanning.
• Knowledge of Assessment and C&A methodologies
• Knowledge of FIPS 199, FIPS 140-2, and NIST SP 800
• Experience working with multiple operating systems.
• Experience working with leading network scanning.
• Must have excellent written and verbal communication skills requiring working knowledge of Microsoft Word and Excel.

Qualifications,Education and Experience:

• Bachelor's Degree or equivalent work experience
• Possess related certification such as CISSP, CISM, GIAC, GSEC, GSLC, CISM, CISA, etc.