Certification and Assessment C&A Specialist (NIST/FISMA) for Baltimore, MD Job in Baltimore, Maryland US
Certification and Assessment CA Specialist (NIST/FISMA) for Baltimore, MD
Come join CSC's cyber security practice and grow your career in information assurance! Why CSC? Because CSC's rankings and awards include: Best Places to Work for Recent Grads, Experience, Inc. - World's Most Admired Companies - FORTUNE - National Eagle Leadership Institute Award for Diversity and Inclusion - America's Greenest Companies, Newsweek Required knowledge includes: Client and US Government Information Security Policies NIST guidelines on information security OMB mandates US Government Privacy and Information Security policies and standards NIST 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) FISMA requirements Homeland Security Presidential Directives General Industry information security standards and best practices NIST Special Publication 800-53A (July 2008) Guide for Assessing the Security Controls in Federal Information Systems. NIST 800-37 Special Publication Rev 1 (February 2010), Guide for Applying the Risk Management Framework to Federal Information Systems NIST 800-30 (July 2002) Special Publication Risk Management Guide for Information Technology Systems NIST 800-39 Special Publication Managing Information Security Risk Organization, Mission, and Information System View. Federal Information Processing Standards (e.g. FIPS 140-2, FIPS-200, FIPS 199...) Responsibilities: Under the direction of our client's management, you will collaborate with and assist staff in activities associated with a compliance review of our federal client. Additionally you will assist staff in the full array of activities associated with state and local electronic data exchange security reviews (i.e., certifications and compliance monitoring) to include the following: Ongoing compliance reviews of partner agencies to ensure ongoing compliance with the client's requirements; Travel to various partner agencies to conduct onsite compliance reviews; Assessing the degree of risk to client as a result of electronic information transmitted to partner agencies and how that data is stored, viewed, accessed, and monitored; Assuring that external systems receiving information from the client are secure and operate in a manner that is consistent with the client's IT security policies and in compliance with the terms of computer matching and privacy protection act agreements executed by the client and the partner agency; Developing a security requirements package as appropriate. Due to our focus on Government contracts, we require all candidates to have the ability to obtain a security clearance. Local candidates are preferred, relocation will not be available. This is a full time position, no contractors or 1099 employees will be considered. CSC is a leading global IT services company. CSC's mission is to provide customers in industry and government with solutions crafted to meet their specific challenges and enable them to profit from the advanced use of technology. CSC helps its clients manage and profit from every major wave of change in IT since its formation in 1959. CSC provides innovative solutions for customers around the world by applying leading technologies and CSC's own advanced capabilities. CSC's FEDERAL CONSULTING PRACTICE The Federal Consulting Practice (FCP) is part of CSC's leading North American Public Sector. FCP delivers world-class business and technology consulting skills and services to the Federal Marketplace. FCP specializes in providing leading-edge business transformation solutions for Defense, Civilian and Intelligence agencies. Qualifications Basic Qualifications Bachelor's degree or equivalent combination of education and experience Bachelor's degree in business, computer science or related field preferred Three or more years of experience in technical analysis and design, preferably within a consulting environment Experience working with CSC Catalyst and/or equivalent client-mandated methodology Experience working with software, hardware, data and testing standards Experience working with delivery assurance principles and procedures Other Qualifications One to two years of additional relevant experience in a particular technical specialty area Strong analysis and design skills Good communication skills Ability to manage competing priorities in a complex environment Ability to devise creative technical solutions Ability to convey a strong presence, professional image, and deal confidently with complex technical problems Willingness to travel