Information Systems Architect Mid

If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process.

4 days ago Requisition

Salary Range: $ To $ Annually

LCAT Category Name: Information Systems Architect Mid

Education Level: High school Diploma or General Equivalency Diploma (GED)

Years of

Experience:

5

• Assist the Government Lead in daily tasks to ensure all systems have current Authorizations to Operate (ATOs).
• Facilitate Assessment and Authorization (A&A) for Information Systems, data availability, integrity, authentication, confidentiality, and non-repudiation.
• Through A&A review processes, ensure security measures are implemented for communication systems, networks, and provide advice that systems and personnel adhere to established security standards and Governmental requirements for security on these systems.
• Develop and execute security policies, plans, and procedures.
• Initiate creation of A&A packages to support receipt of Authorizations to Operate (ATOs), collaborate with Engineers to gather required information for A&A packages, and update A&A packages as required.
• Perform lifecycle maintenance of A&A packages ensuring ATOs do not expire without proper updates.
• Update the appropriate documentation for Department of the Navy (DON) Application & Database Management System (DADMS) and Department of Defense Information Technology Portfolio Repository - Department of the Navy (DITPR-DON). Submit Ports and Protocols with all supplemental documentation to DISA for approval.
• Submit tickets to initiate action from Headquarters Marine Corps (HQMC) Command, Control, Communications, and Computers (C4) Cybersecurity Division (CY) for approval.
• Ensure appropriate action is taken in a timely manner by appropriate point of contact (POC) within the A&A packages. Assist with validation of A&A packages as required by the Government.
• Review and provide input for Operational Plan of Action and Milestones (POA&M) for submission to Action Officer (AO). Conduct vulnerability scans using Assured Compliance Assessment Solution (ACAS) and assist Engineers in documenting system vulnerabilities.
• Vulnerability management duties include, but are not limited to:
  • Using Tenable Security Center and Nessus scanners, Red Seal, Big Fix, Security Content Automation Protocol (SCAP) Compliance Checker (SCC) Tool, HP Fortify, other automated tools, and manual inspections to identify vulnerabilities
  • Documenting vulnerabilities in the RSA Archer eGRC system; reporting vulnerability statistics.
• Experience with Department of Defense Information Assurance Program (DIACAP) and Risk Management Framework (RMF). Must possess Information Technology Infrastructure Library (ITIL) version 3 Foundation certification.

• Security Clearance:
  Active Secret Clearance (T3 Investigation)