LOCATION: McClellan, CA
Support the Customer's IT staff, accesses classified and unclassified networks, and enables development functions necessary to address requirements from critical DoD, Special operations, and Intelligence missions. Work with the information owners (IOs), user representatives, and users to identify project computing requirements, budgetary estimates, and project timelines in coordination with the ISSOs in the IT Branch. Support Risk Management Framework (RMF) initiatives. Develop hardware and software life cycle business cases and manage assigned projects within each project’s triple constraints of scope, schedule, and budgetary estimates. Develop, maintain and update, and track the System Security Plan (SSP) for assigned Information System (IS) and Platform Information Technology (PIT) Systems. Plan and develop budgetary estimates for security control implementation, assessment, and sustainment throughout the system life cycle, including timely and effective configuration and vulnerability management. Ensure that system security engineering standards are used to design, develop, implement, integrate, modify, and test and evaluate the system architecture in compliance with organizational standards. Ensure trusted systems and networks apply best practices, processes, techniques, and procurement tools. Document systems that cannot be made compliant and assist the ISSO in preparation of risk acceptance documents. Work with the IO and the ISSO to identify and document the appropriate level of protection for data, including use of encryption. Identify potential impacts to existing ATOs. Identify media sanitization (clearing, purging, or destroying) and reuse procedures. Identify processes, procedures, and guidelines for complying with protection requirements (e.g., e-mail labels, media labels, etc.), control procedures incident management reporting, remote access requirements, system management and use of encryption. Assist the Program Manager/System Manager (PM/SM), the IO, and the Information System Security Manager (ISSM), in preparing the final package needed for the Authorizing Official (AO) to make the authorization decision. Identify authentication and authorization requirements for users to gain access to systems and data based on assigned privileges and permissions to include completion of required training, completion of required Systems Authorization Access Request, and that users have signed the required Acceptable Use Policy. Ensure authorized users and support personnel receive appropriate cybersecurity training prior to being given access to systems.
Years of Experience: Min. 5 yrs. exp working as an ISO or in related Info. Security Analyst role; Specific exp. in budget development/project estimation; RMF implementation; SSP development; Prior exp. as an ISO (min. 2 yrs.) desired
CISSP, CySA, or closely related certification at IAT II level
Full benefits are offered.
Bravura is a rapidly growing Woman Owned Small Business (WOSB) that provides professional and engineering services, technology solutions and product offerings to DoD, Federal Civilian agencies. Bravura is an Equal Opportunity Employer. Bravura does not discriminate against employees or applicants for employment on any legally recognized basis (protected class) including, but not limited to: veteran status, uniform service member status, race, color, religion, sex, national origin, age, physical or mental disability, genetic information or any other protected class under federal, state, or local law. These are positions that require a U.S. Citizenship.