This position assists in the preparation of documentation to support FISMA high systems to protect data from unauthorized users. A wide degree of creativity and latitude is expected. The candidate must have knowledge of NIST 800 publication standards and of preparing documents such as System Security Plans (SSPs), Contingency Plans (CPs), and Security Impact Assessments (SIAs) for proposed changes, as well as a thorough understanding of NIST publications (SP 800-53, rev3/4, 800-53A, and 800-37
Job Duties
- Write and update information assurance documentation such as risk assessments, system security plans and security policies
- Manage information system core documents (SSP, BIA/CP, FIPS 199/200) and relevant security documents (diagrams)
- Create documents for POA&Ms through the development of artifacts and security documentation
- Develop the processes and development documentation with tools such as Visio Pro and Microsoft Word
- Create, review and edit documentation produced by technical and non-technical personnel
- Outline, rewrite, edit, and format documents that fully comply with customer requirements in terms of both content and format.
- Ensure that documentation is accurate, complete, meets editorial and government specifications, and adheres to standards for quality, coverage, format, and style.
- Support the information security risk assessment process
- Draft information security communications
- Contribute to the development of information security awareness training and track training metrics for reporting purposes.
Required Education/Experience
- Bachelor’s Degree in Computer Science or related field (i.e., EE, CPE, MIS, IT)
- Proficiency in Microsoft Office suite (Word, Excel, PowerPoint, Visio and Project)
- At least two (2) years of relevant IT technical writing experience required
- Experience in Systems Engineering with satellite experience is preferred
- Excellent writing and communication skills
- U.S. citizenship is required, with an ability to pass a federal background check
Required Certifications & Skills
- Knowledge of and experience with NIST's Risk Management Framework and the FFIEC's Cybersecurity Assessment Tool are highly desired
- Certification in one or more of the following: CISSP, CISM, CISA, CAP, CRISC, PMP, Sec+