***Active TS/SCI with Polygraph Required***
Red Arch Solutions is a proven and effective small business integrator and consultant, recognized as a leading provider of IT development to the Federal Government, and primarily focused within the Intelligence Community.
We are an official Amazon Web Services (AWS) Partner, and are pleased to now offer Cloud Solutions Architecture and Engineering using AWS. We promote the advancement of our staff in achieving AWS certifications.
Red Arch is seeking an ISSO Security Lead to support NGA.
The scope of this contract relates to the management of NGA’s Research Labs across the US. The effort will provide both system administration for networks, servers, cloud and audio/visual devices and security engineering support services to include architecture documentation and testing.
The ISSO security lead will provide security-engineering support services required to operate and sustain the NGA Research Lab Environment (RLE) at five CONUS locations. These services include all security engineering actions related to documentation and use of XACTA to support the approval and accreditation of hardware and software for RLE systems and customers.
Create, update, and manage all system Information Technology Disaster Recovery (ITDR) plans, and enter them into the NGA ITDR database
Develop, maintain and execute schedules for the Plan of Action and Milestones (POA&M)
Track and resolve outstanding liens for research segment/system/entity, as documented for an Authority to Operate (ATO)
Chair Technical Exchange Meetings (TEMs) on new Research systems architecture, security issues, and prepare meeting notices, agendas, briefings and minutes, as required
Enforce DNI and Federal Information Security Management Act (FISMA) compliance for Information Assurance (IA), as it applies to the RLE systems
Develop and promulgate additional guidance relating to IA training, certification, and workforce management requirements
Monitor CIO-T reports for Host-based Security System (HBSS). Coordinate with RLE system administrators to verify all systems are in compliance and reporting to enterprise resources as required
Conduct independent technical and non-technical evaluations of systems architecture based on the security requirements and security controls documented in the certification evidence
Maintain a repository for all IA certification and accreditation documentation and modifications, and input/update Xacta
Develop standardized processes and procedures in support of Information Security
Research, recommend, and implement changes to procedures to protect data from future violations
Track Information Assurance Vulnerability Management (IAVM) reporting and patch management
Demonstrated proficiency and experience working with some or all of the following: Linux (CentOS and Red Hat), Microsoft Windows (Server and Workstation), Amazon Web Services (AWS), databases (Oracle, MySQL), web services, internet protocols, Network Attached Storage (NAS) and Storage Area Network (SAN) systems
A Bachelor’s Degree from an accredited institute in an area applicable to this position (e.g. information systems, computer science, math, or engineering) and five (5) years of relevant technical experience or fifteen (15) years of relevant experience across both minimum and desired qualifications
Must presently be 8570 compliant (IAT Level 2 preferred); must be 8570 compliant (IAT Level 2) by date of security indoctrination with any necessary continuing education (CE) for certification
Familiarity with ICD 503 and Federal Information Security Management Act (FISMA) compliance
Evaluating and assessing compliance with established IA policies and regulations. Conducting independent technical and non-technical evaluations of systems based on the security requirements and security controls
Developing standardized processes and procedures in support of Information Security endeavors
Information Assurance Vulnerability Alert (IAVA)/Information Assurance Vulnerability Management (IAVM) tracking, implementation and reporting, and up-to-date patch management.
Providing configuration management and IA assessments of hardware/software technology
Entering and maintaining each system’s C&A information in the XACTA database
Red Arch Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, or protected veteran status. Red Arch Solutions takes affirmative action in support of its policy to advance in employment individuals who are minorities, women, protected veterans and individuals with disabilities.