Monday-Friday - 8 hours/day
Hours between 7:00 am and 7:00 pm
Clearance - Public Trust
Senior Cyber Security System Assurance Engineer
( contractors, estimated at 660 hours each in Base Year and 700 hours each in Option Year 1)
Must have at minimum six (6) years of information assurance services experience, with at least two years of experience related to Federal Information Security Management Act (FISMA) compliance.
Experience shall be in a related security technology or discipline such as security assessments (planning & compliance, architecture, audits, risk & vulnerability identification), creating and implementing security concepts and policy, encryption technology, firewall technology, or information protection. FISMA experience with the Department of is required, and IT security experience and in-depth knowledge of the Division Systems is a definite advantage. B.A. or B.S. in related field.
Information Technology Security Staff (ITSS) is seeking to develop a strategy to effectively manage, mitigate, and reduce the overall number of POA&Ms while maintaining a level of flexibility within its systems and management procedures to execute its mission.
The Division’s Information System Support Group (ISSG) requires computer security services consultation. The scope of work required under this Task Order is to conduct a complete independent review and assessment of the implementation of the processes, policies, procedures and regulatory compliance for the Division’s computer systems/projects, to include, but not limited to:
- Wireless Technology
- Network Refresh
- Citrix Upgrade
- Remote Trial Operation
- Enterprise Server Virtualization
- Enterprise VOIP
- Mobile Phone Refresh
Assessment and POA&M Management
The contractor shall provide fully qualified personnel to perform a dependent assessment of the Division’s computer systems/projects in the Scope section of this SOW, consultation and POA&M Management support to include:
- Conducting validation testing on a rolling basis. This serves to verify POA&M closures and the implementation of processes to reduce the risk of recurrence.
- Identify required system documents and ensure that the projects are properly implemented as described and meet the DOJ standards and baseline security requirements (BLSRs).
- Perform an assessment of applicable controls to verify that they are appropriately functioning and documented as required for a federal government computer system.
- Assist with documentation where necessary.
- Assist with the importing of existing control data into the Computer Security Administration Management (CSAM) database.
- Prepare Assessment and/or Accreditation packages for review and approval by stakeholders.
- Develop and distribute a Rules of Engagement document and a Project Plan document. The project plan shall clearly show a detailed description of tasks to be performed by priority, and a timeline with estimated completion dates and milestones. It shall also clearly show any obstacles that may delay meeting the scheduled completion dates.
- Record minutes of meetings for attendees' review and comment.
- Provide weekly status reports to stakeholders, e.g., Deputy Executive Officer, Chief Information Officer, System Owners, Information System Security Manager, and Information System Security Officers. The weekly report shall include on-going activities, new activities, activities completed, problems, and corrective actions taken.
- Schedule and perform an “Approach and Planning with Stakeholders” to explain the Rules of Engagement and Project Plan.
- Schedule weekly meetings to review status, report on progress, and provide plans for the following week.
- Prepare, review, and obtain Government approval for a final Security Assessment Results report that documents the issues, findings, and recommendations (corrective actions or improvements in control implementation).
Please send resume in Microsoft Word format to: