| Location | |
| Country: | United States |
| State/Prov: | Virginia |
| City: | Springfield |
| Position | |
| Position/Title: | Certification & Accreditation Engineer |
| Position Type: | Permanent P/T |
| Closing Date: | 2008-10-26 |
| Job Description: |
Nortel Government Solutions (NGS) is one of the nation's strongest and most dynamic systems solutions providers. NGS specializes in the acquisition, design, engineering, evaluation, and development of advanced IT systems and data communications networks for information systems and applications. Our long tradition of success is attributable to the bright, driven professionals at NGS. Nortel Government Solutions has an immediate opening for an Information Assurance Certification Agent located at Customs & Border Protection (CBP) in Springfield, VA. Nortel Government Solutions maintains a position as a Certification Agent (CA) for the Border Enforcement Management System (BEMS) and the Enterprise Data Management and Engineering Division (EDME). In this position we report to the Information System Security Manager (ISSM) and provide a level of independent evaluation that is required by the Certification and Accreditation (C&A) process. NGS provides an independent assessment of the security plan to ensure it provides a set of security controls for the information system that is adequate to meet all applicable security requirements. In addition, we are responsible for a comprehensive assessment of the management, operational, and technical controls of the information system to determine if they are implemented correctly, operating correctly, and meeting the security requirements. The CA recommends corrective actions to reduce or eliminate security vulnerabilities. The certification agent will be required to perform the following functions: 1. Assist with information systems security audits and reviews, as appropriate. Determine the priority level associated with audit findings. 2. Validate that the information system design meets a specified set of managerial, operational, and technical security requirements and that it includes the implementation of an adequate audit trail capability of security-related activities. 3. Determine, with the data owner(s) and ISSO(s), the minimum-security features for each unique application. 4. Ensure security plans are developed for all information systems. Ensure that the application is certified and the certification documentation is developed using the DHS C&A tool, Risk Management System (RMS) 5. Review and evaluate security impact of changes to the applicable IT system, including interfaces with other networks. 6. Observe the testing of security controls for assigned MA's and GSS's. 7. Provide written justification, when appropriate, to the ISSM for approval by the Assistant Commissioner, OIT to obtain a written waiver of or exception to the policy for mandated security features. 8. Review C&A Packages and work with the assigned ISSO's and system owner to ensure that the security requirements of the system have been documented, tested, and implemented. Write the Security Assessment Report (SAR) and include the Certification Statement as part of the SAR. The final Plan of Actions and Milestones (POA&M) and a list of residual risks must also be included in the C&A Package. 9. Represent the STP Branch at key project meetings, as directed by the ISSM. 10. Validate Trusted Agent FISMA (TAF) submissions for FISMA compliance. 11. Maintain an on-line copy of the following documents and ensure the documents are current: annual security self-assessment (i.e., NIST SP 800-26), System Assessment Report, System Security Plan (SSP), Security Risk Assessment Report, Contingency Plan and Test Results, Security Test Plan and Evaluation, Vulnerability Scan Results, signed POA&M, Signed Accreditation Transmittal Letter. |
| Job Requirements: |
Bachelor's Degree Minimum 12 years of experience in Information Assurance/Security. Qualifications: An astute individual with proven leadership experience Self starter Can lead by doing, and has the ability to prioritize and direct as required. Must have former ISSO experience Strong interpersonal skills Excellent oral and written communication abilities Ability to work with field ISSO's – strong technical background with strong IA experience Five or more years working in IT security as an ISSO or Security Certifier in either military or civilian government environments a plus. Pluses are familiarity with the DHS-mandated certification & accreditation and compliance tools, RMS & TAF. CBP experience a plus. CISSP or other IT security related certification (ie., CAP) is desired. Security Clearance: The candidate must currently possess or be able to obtain a CBP full background investigation clearance. Active Secret or Top Secret clearance or ability to obtain TS is a plus. ***************** No Agencies Please ***************** Nortel Government Solutions offers competitive salaries and a comprehensive benefits package. Apply Online at Job Openings . Nortel Government Solutions is proud to be an equal opportunity employer. Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions. |
| Contact Information | |
| Contact Directions: |
Please click the link below and apply online.: https://nortelgov.ats.hrsmart.com/cgi-bin/a/highlightjob.cgi?jobid=15447 |
| Company: | |
| First Name: | Kim |
| Last Name: | Gilmer |
| Title: | |
| Email: | kim.gilmer (at) nortelgov (dot) com [email concealed] |