Information Security Consultant
Security | Washington, DC | Full Time
INFORMATION SECURITY CONSULTANT
About Us: Engineers solving real-world problems
At Applied Insight, we leave no stone unturned in solving our customers’ technology challenges. Supporting the Federal Government with the strongest mission focus, our solutions empower people to collaborate more effectively in delivering services vital to the nation. Our unique approach to information technology considers people first. We make it our job to understand our customer’s mission and the user’s reality right from the start, combining technology and process to deliver what customers really need to succeed – from adaptation to innovation – drawing on our long experience of supporting the US Defense, Intelligence and Federal Civilian communities.
A day in the life-- a few of the things you might be doing on any given day:
- Serves as Information Systems Security Officer (ISSO) for one or more IT system(s) and performs collateral duties related to IT security requirements for systems.
- Implements FISMA, NIST, DISA, DHS policies and FIPS (as appropriate) requirements for Security Authorization (SA) activities.
- Responsible for security reviews of Cost Estimates, SOWs and project security requirements.
- Assists with risk identification, assessment and response on project security matters.
- Develops Privacy documentation (PTA/PIA), security classification guidance and personnel security procedures.
- Develops and reviews IT Contingency and Systems Security Plans (SSP).
- Creates security procedures and system access requirements for vendors and support staff.
- Assists AMO with Personnel Security policies/procedures for contractors
- Develops and prepares organized SA documentation for Certifying Agent’s review.
- Assist CBP in understanding the “information protection” needs that support the mission or business. Allocates information protection needs to systems.
- Develops system security context, a preliminary system security CONOPS, and baseline security requirements.
- Works with the systems engineer in the areas of functional analysis and allocation by analyzing candidate architectures, allocating security services, and selecting security mechanisms.
- Identifies components or elements, allocates security functions to those elements, and describes the relationships between the elements.
- Analyzes design constraints, analyzes trade-offs, does detailed system and security design, and considers life-cycle support.
- Traces all of the system security requirements to the elements until all are addressed. Participates in a multidisciplinary examination of all system issues and provides inputs to SA process activities, such as verification that the system, as implemented, protects against the threats identified in the original threat assessment; tracking of information protection assurance mechanisms related to system implementation and testing practices; and providing inputs to system life-cycle support plans, operational procedures, and maintenance training materials.
Our expectation is that you will excel in this role if you:
The Information Security Consultant works within the customer, with oversight duties for aviation mission systems and other systems integration projects. This individual ensures that information security is addressed throughout the life cycle of each program or project, performing SA and IT security duties in a law enforcement sensitive environment. The Information Security Consultant verifies that security requirements and controls are functional in IT systems and facilities, as well as supplementing Information Technology Security consultation and Life Cycle planning support to government program managers.
What we are expecting from you (i.e. the qualifications you must have):
- Bachelor’s Degree or equivalent with a minimum of 5 years relevant experience, described below.
- Successfully-adjudicated CBP Background Investigation required to begin work.
- Department of Defense Secret Security Clearance required
- Certification in IT security, such as Certified Information Systems Security Professional (CISSP) or CompTIA Security+.
- Cisco certifications desired, such as Certified Network Associate (CCNA) and Certified Network Professional (CCNP).
- Must have demonstrated a solid understanding of the Federal Government SA process in employee’s work history, with a minimum of four years of experience in SA/Information System Security Engineering, including at least three years recent experience with Defense in Depth principles and technology to include:
- Access control Authorization Identification and authentication Public Key Infrastructure Network and enterprise security architecture
- Understanding of the FISMA SA process.
Nice to have:
- Knowledge of Cloud computing and Ongoing Authorization desirable.
www.applied-insight.com. EEO/AA including Vets and Disabled.