Delegated Authorizing Official Representative – Skill Level 3

Description

Kaizen Approach is currently seeking a Delegated Authorizing Official Representative to assist in identifying overall security requirements for the protection of data and to ensure the implementation of appropriate information security controls. In this role, the individual will perform and analyze security risk assessments, risk analysis, risk management processes, security control assessments, and security awareness activities for systems and networking operations. The position includes providing assistance to ensure Cybersecurity functions are incorporated into the configuration management process and contributing to the development of security architecture and the integration of legacy systems. This role supports acquisition and research, development, test, and evaluation environments and ensures Cybersecurity is built into systems deployed in operational environments. The individual will interact with customers, information technology staff, and high-level corporate officers to define and achieve Cybersecurity objectives and will prepare required security authorization documentation.

Requirements:

• Must have the ability to perform security planning, security assessment, risk analysis, risk assessment, and risk management support activities in support of organizational systems and operations.
• Must possess the ability to perform risk assessment and risk management activities to support and enable the integration of legacy systems within an existing information technology environment.
• Must be capable of reviewing and analyzing Cybersecurity capabilities built into systems that are planned for deployment to operational environments.
• Must have the ability to prepare risk assessments, plans of action, authorization recommendations, and related security authorization documentation.
• Must possess the ability to identify and support overall security requirements for the protection of data to ensure the implementation of information security policies, activities, and controls.
• Must be capable of ensuring Cybersecurity functions are included in system development and risk management processes, particularly those focused on infrastructure protection and defensive information technology strategy.
• Must have the ability to facilitate interaction with customers, information technology staff, and high-level corporate officers to assist in defining and achieving required risk management objectives for the organization.
• Must have eight years of experience as an IT Risk Assessor, System Security Engineer, Information Systems Security Manager, or DAO supporting programs and contracts of similar scope, type, and complexity, or twelve total years of relevant experience if no bachelor’s degree is held.
• Must have a bachelor’s degree in Computer Science, IT Engineering, or a related technical discipline from an accredited college or university, or four additional years of relevant experience in lieu of the degree, and must possess working knowledge of system security design processes, defense-in-depth and defense-in-breadth, engineering life cycle, information domains, cross-domain solutions, controlled interfaces, identification, authentication and authorization, system integration, ICD 503, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, the security authorization process, cybersecurity principles, and security testing, and must be DoD 8570 compliant with IAM III.
• Active TS/SCI clearance with Polygraph is required.