We are actively searching for qualified candidates for this opportunity. We are currently identifying candidates for this effort. This requisition is contingent upon award of contract to Jacobs.
Performs assessment and authorization coordination. Advises and assists the customer with Risk Management Framework (RMF) and develops a Plan of Action and Milestones for resolving network deficiencies in accordance with DODI 8510.01. The duties of this task include assessing network compliance against controls listed in DODI 8500.2 and creating A&A packages. The end goal is to ensure the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities. Analyze, evaluate, and build an accreditation roadmap for new networks and systems. Develop and maintain supporting documentation for new networks, systems, and technologies. Develop and review the A&A of networks, systems, services, devices, hardware, and software using the DoD & IC RMF to obtain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC). Provide DoD & IC RMF subject matter expertise and assist with the development and execution of the RMF program. Maintain, track, and validate DISN and DIA connection approval packages. Perform risk and vulnerability assessments of IT and IS for accreditation; prepare risk assessment reports for submission to the Security Controls Assessor/Certification Authority (SCA/CA) and Authorizing Official/Designated Accrediting Authority (AO/DAA) in accordance with DoD and DIA policies, procedures, and regulations. Assist with the enforcement of A&A, as well as connection standards for networks and systems. Track and maintain A&A databases, web sites and tools to ensure that networks, systems and devices are properly documented and managed from a security perspective. Ensure timely notifications are made to responsible individuals and organizations in order to prevent lapses in accreditations (e.g., 30, 60, and 90 day notices). Support the resolution of issues with security, A&A, connection approvals, and waiver requests. Perform network security authorization, as well as the application and execution of policy, including project management support services. Additionally, the Information Assurance Security Specialist should be able to perform security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool. The Information Assurance Security Specialist will liaison with network and system administrators to correct identified deficiencies. The Information Assurance Security Specialist will also scan (or review scans) for new systems and applications being introduced, identify issues, and draft certification letters for the government. The contractor will liaison with customer personnel to ensure systems and application meet the standards in the DISA Security Technical Implementation Guides (STIG).