Plan, initiate, and manage information technology (IT) projects. Lead and guide the work of technical staff. Serve as liaison between business and technical aspects of projects. Plan project stages and assess business implications for each stage. Monitor progress to assure deadlines, standards, and cost targets are met.
1. Serve as a cybersecurity expert for assigned systems.
2. Serve as the principal advisor on all matters involving the security of an information system to include the following:
3. Performing as the primary liaison for authorizing official (AO), system owners, and other stakeholders for the system.
4. Engaging and advising the System Owner (SO) ensuring adherence to Information Assurance (IA) policies, DHS Security regulations, NIST guidance and other statutory and regulatory policies and guidance.
5. Serving as primary cybersecurity point of contact for the Security Operation Center (SOC) and providing support with incident response, investigations and cybersecurity emergencies for assigned systems. Reporting system security incidents in accordance with established procedures.
6. Providing technical review and recommendations for all risk and vulnerability assessments conducted for the system or site.
7. Serving as the coordinator and responder to audits, data calls, and inquiries for assigned systems, including Management Control Objective Plan (MCOP) assessments and data calls.
8. Attending IT security awareness and related training programs and distributing IT security awareness information to the user community.
9. Providing security analysis of IT activities ensuring that appropriate security measures are in place and are being enforced.
10. Develop and maintain comprehensive system security authorization documentation: security plans, FIPS199, E-Authentication, Privacy Threshold Assessment (PTA), Privacy Impact Assessment (PIA), Contingency Plan, Contingency Plan Test and Plan of Action and Milestones (POA&Ms).
11. Maintain an accurate, documented, asset inventory of assigned information systems.
12. Maintain inventory of privileged users and ensure annual training.
13. Coordinate, conduct and support testing efforts such as penetration testing, SCA testing and continuous monitoring.
14. Continuously monitor the information system, conduct system scanning and analysis, and provide oversight and monitoring of the security controls on an ongoing basis.
15. Proactively monitoring, managing, and engaging with stakeholders for Plan of Action and Milestones (POA&M) for assigned systems. Documenting weaknesses, vulnerabilities, findings, and overdue ISVMs as POA&Ms.
16. Manage PKI Certificates for assigned FISMA systems, ensuring all PKI certificates renewals and revocations are completed and processed prior to the expiration. Submitting digitally-signed PDF statement with certificate revocation request affirming that the Device Sponsor who made a revocation request has the authority to do so.
17. Apply patches and updates to all network devices, computers, servers, switches, firewalls, and time server
18. Troubleshoot issues with networked and networking devices
19. Plan, deploy, and maintain configuration of networking devices
20. Develop and maintain firewall access control lists
21. Deploy and maintain site to site VPN connections
22. Work with the team to deploy new networked devices and update configurations as needed
23. Provide support with network certification process
24. Provide expertise in the area of networking protocols, security, and configurations
25. Track and report on required Cisco device support and maintenance renewals
26. Deal with all aspects of Cisco support requests
27. Spec out and recommend networking devices for new deployments and upgrades
28. Maintains and manages the client interface at the senior levels of the client organization.
29. Meets with customer and contractor personnel to formulate and review task plans and deliverable items.
30. Conducts nationwide badge/cred audits
31. Application processing, ensuring requirements are met, assigning authority/access levels of credentials, denying applications, and enforcing policies.
32. Receives, processes and reviews mail consisting of returned badges and creds for restocks, refurbishing, or destruction
33. Sponsor on boarding TSA employees/contractors.
34. Revoke (Cessation of operation) departing TSA employees/contractors.
35. Solve IT issues related to PIV cards and physical access.
36. Create and print PIV cards and their credentials.
37. Proficient with ISMS and IDMS and assisting with help nationwide.
38. Provide fingerprint services to support federal background investigation requirements and transmit for processing
39. Set up profiles, print PIV cards, and ship nationwide.
40. Set up physical access to employees/contractors for TSA HQ facility.
41. Troubleshoot HSPD-12 PIV printers and workstations and assist on the phone nationwide.
42. Monitor the Help Desk Mailboxes at least and distribute information as necessary.
43. Maintain an electronic information data base to be used for responding to TSA Government related inquiries and issues.
44. Projects long-range requirements for database administration and design in conjunction with other managers in the information systems function. Designs, creates, and maintains databases in a client/server environment.
45. Designs, implements, and maintains complex databases with respect to access methods, access time, device allocation, validation checks, organization, protection and security.
46. Conducts quality control and auditing of databases in a client/server environment to ensure accurate and appropriate use of data.
47. Provides all activities related to the administration of computerized databases.
48. Applies knowledge and experience with database technologies, development methodologies, and front-end (e.g., COGNOS)/back-end programming languages (e.g., SQL).
49. Performs database programming and supports systems design. Includes maintenance of database dictionaries, overall monitoring of standards and procedures, file design and storage, and integration of systems through database design.
50. Evaluates data base design tradeoffs, impacts on user expectations, performance levels, and space allocation requirements.
51. Capable of coordinating, scheduling, and providing inventory database administration for all installation, maintenance, and repairs to all TSA facilities for the TSA Physical Security Section.
52. Prepares correspondence, schedules and coordinates travel to support for the TSA Physical Security Section.
53. Provides administrative support such as technical writing, proofreading, technical editing of word processing and other computer-based documents
54. Provides the expertise to prepare draft and final correspondence, including forms, letters, and memorandums, in a timely and accurate manner and provide exceptional customer service and administrative support as necessary throughout the organization.
55. Intake or creation/notification of PMI with TSA and third party vendor
56. Review the documents and forms and ensure correctness
57. Generate service ticket number in the TSA service tracking system
58. Coordination documents and forms tracking
59. Tracking of scheduled visit, rescheduling as needed.
60. Integration of various sources into a cohesive product which may be delivered as computer-based magnetic media, and preparation of graphical and narrative presentation material
61. On-going task: tracking TSA barcode supply for renewal and ordering of barcode stock.
62. Assists in the preparation of management plans and report, coordinates scheduled to facilitate completion of proposals, contract deliverables, task order review, briefings/presentations.
63. Conduct training for all pertinent TSA and third party personnel as needed on use of the database, reporting & mobile application
64. Hold a pre-inspection call with third party vendor and PSS to ensure technician has PMI guide books and barcodes.
65. Field all calls and questions from technician or local TSA for both preventative maintenance and inventory.
66. Collection of signed completion documents and inventory data.
67. Inventory databases to ensure consistency and accuracy of all data and nomenclatures.
68. Maintain supplies inventory by checking stock to determine inventory level.
69. Create a report generation tool for the inventory database.
70. Answer and direct phone calls to appropriate stakeholders.
71. Organize and schedule meetings and appointments. Book conference calls and rooms.
72. Maintain contact lists.
73. Produce and distribute correspondence memos, letters, faxes and forms.
74. Assist in the preparation of regularly scheduled reports.
75. Performs analysis, development and review of program or functional areas, as required.
76. Develop and maintain a filing system.
77. Provide information by answering questions and requests.
78. Research and create presentations.
79. Generate reports.
80. Maintain computer and manual filing systems.
81. Handle sensitive information in accordance to TSA policy and procedures.
82. Take accurate minutes of meetings.
83. Coordinate administrative office procedures.
84. Reply to email, telephone or face to face enquiries.
85. Ensure operation of equipment by completing preventive maintenance requirements; calling for repairs; maintaining equipment inventories; evaluating new equipment and techniques.
86. Carry out administrative duties such as filing, typing, copying, binding, scanning etc.
87. Create and update workflows.
88. Prepare and provide documentation to internal teams and key stakeholders.
89. Retrieve necessary information (e.g. user/client requirements and relevant case studies).
90. Monitor project progress and address potential issues.
91. Coordinate quality controls to ensure deliverables meet requirements.
92. Act as the point of contact for all participants.
93. Develops and implements methodologies to ensure compliance with standards, guidelines, and procedures in a large computer-based organization.
94. Develops and defines major and minor characteristics of quality including quality metrics and scoring parameters and determines requisite quality control resources.
95. Establishes and maintains a process for evaluating hardware, software, and associated documentation and/or assists in the evaluation.
96. Conducts and/or participates in formal and informal reviews at pre-determined points throughout the development life cycle.
97. Organizes, directs, and manages contract operation support functions, involving multiple, complex and inter-related project tasks.
98. Maintains and manages the client interface at the senior levels of the client organization.
99. Meets with customer and contractor personnel to formulate and review task plans and deliverable items.
Personnel providing Testing services under RMF Task 1, RMF Task 2, and RMF Task 3 have the following:
1. Must have at least 7 years of technical IT security and 5 years Program Management experience with a concentration in support for the US Government OR a relevant Master's Degree and experience, with a concentration in support for the US Government. Such experience can come from system or network administration, security analysis, security testing and evaluation, security incident response, security monitoring, IT project implementation, or other similar technical activities.
2. At least one Security certification (CISSP preferred, CEH, CISM etc.)
3. Experience with performing NIST RMF activities with specialized expertise in at least one of the following types of systems: database, enterprise, Unix/Linux, financial or cloud environment (e.g. IaaS, PaaS, SaaS)
4. Strong technical background, and understanding of ports, protocols, secure application development, networking (e.g., Cisco 5500 Series Adaptive Security Appliances and Cisco Network Switches)
5. Demonstrated experience developing complex Security Plans IAW NIST guidance
6. Exceptional customer service, overall communication, and technical writing skills
7. Extensive experience conducting and analyzing vulnerability assessments of networked and stand-alone information systems to the extent of conclusively validating all technical controls as defined by NIST
8. Ability to translate between business focused and technical focused stakeholders at all levels
9. Superior problem solving and troubleshooting skills at the System Engineer level
10. Strong skills in critical thinking and analysis, both on a strategic and operational level, structured working style with the ability to plan and organize.
General Requirements:
1. Must have Certified System Engineer ICAM PACS (CSEIP) certificate
2. Extensive experience with government technical publications and implementation (HSPD- 12, FISMA, FIPS-12, DISA, FICAM)
3. Extensive experience with Cyber Security Assessment and Management (CSAM), RSA Archer GRC and Doc Tracker
4. Extensive experience with RedHat Enterprise and Suse Linux Enterprise server
5. Extensive experience with SQL server
6. Extensive experience with the following systems: Windows Server 2012, 2016 and newer file and application servers
7. Extensive experience with the following systems: Windows 7, 10 and newer
8. Must have knowledge and experience with servers, enterprise storage arrays including SAN and NAS solutions
9. Must have knowledge and experience with Microsoft Cluster technology
10. Must have knowledge and experience with virtualization technology including VM Ware or Microsoft HyperV Virtualization
11. Must have knowledge and experience with Microsoft Windows Active Directory
12. Extensive experience with Microsoft Windows Server Update Services, Microsoft System Center Configuration Manager, Nessus Professional by Tenable and McAfee ePO
13. Extensive experience with Group Policy, Networking IP/DHCP, Exchange, DNS, IIS. (Architecture, design, disaster recovery and troubleshooting.)
14. Must have Certification for American Dynamics CCTV Systems, Video Edge NVR and Victor Enterprise
15. Must have Certification for Identiv Velocity
16. Must have Certification for Software House C-CURE 9000
17. Extensive experience with Stratus everRun
18. Extensive experience with Innometriks ID server
19. Extensive experience with OCSP, PKI and Smartcard ID badges and reader technology
20. Must have knowledge and experience with HID ActivID Desktop Validation Client
21. Must have knowledge and experience with Corestreet Validation Client
22. Must have knowledge and experience with CA Privileged Access Manager
23. Must have knowledge and experience with Bomgar BeyondTrust Representative Console
24. Must have knowledge and experience with Traka Touch Key Cabinets and Traka Touch Locker Systems
25. Must have knowledge with Certipath Trust Visitor and STOPware PassagePoint Professional Visitor Management Systems
26. Must have knowledge and experience with Telaeris Xpress entry
Software Powered by iCIMS
www.icims.com