Our customer is required by contract to implement provisions of the Defense Federal Acquisition Regulation Supplement, contract clause 252.204-7012, 08/‘‘Safeguarding Covered Defense Information and Cyber Incident Reporting.”
The Security Services Department (SSD), in collaboration with the Information Services Department (ISD) and the IT Security Council (ITSC) is responsible for developing an information security policy for our customer. SSD is in need of technical policy writer, who is a Subject Matter Expert (SME) in NIST Special Publications; specifically, NIST SP 800-53 and NIST SP 800-171, and other NIST Special Publications, including the NIST and DoD Risk Management Framework. A demonstrated ability to interpret complex technical issues and develop enterprise-level policy and procedure is required. The ability to develop enterprise System Security Plans (SSPs), to include Plans of Actions and Milestones (POA&Ms) is essential.
RESPONSIBILITIES AND DUTIES
The position reports to our customer Information Security Manager, meets with ISD and the ITSC Policy Subcommittee and other stakeholders as necessary. The position serves as a Subject Matter Expert regarding NIST 800-53/171 policy requirements. Position reviews existing policy with respect to compliance of Defense Federal Acquisition Regulations for protecting federal and non-federal information systems and all NIST guidelines, standards and special publications.
Will write and edit policies and procedures in accordance with NIST guidelines, keeping with established policy structure. Participate as part of the IT Security Policy Sub-committee, recommending, authoring and briefing content. Content needs to be written in the familiar, plain language understood by both technical and non-technical audiences alike.
• Must be a U.S. citizen with the ability to obtain and maintain an active DoD secret clearance
• BS OR Associate’s degree in Information Technology, Computer Information Systems, or related field plus 5 years minimum experience and at least one industry certification in Project Management, IT, Risk Management or Cyber Security field, e.g., PMI Risk Management Professional (PMI-RMP),
• The candidate must have a strong background in information assurance training (IAT) and information security practices, procedures and policy, as well as a strong, proven record of technical writing, specifically with converting IT/technical concepts into easily digestible and actionable policies and procedures with summaries that are accessible to audiences of varying technical aptitudes.
• Candidate must possess strong oral and written communications skills, and must be able to present findings/results to internal and external organizations.
• The candidate must be a subject matter expert in National Institute of Standards and Technology Standards and Special Publications, to include NIST 800-53 and 800-171, Federal Information Processing Standards (FIPS) and Defense Federal Acquisition Regulation Supplements (DFARS) regulations for protecting DoD information.
• The candidate must have a demonstrated knowledge of applying information security concepts, frameworks, regulations and guidelines to organizational requirements.
• A bibliography of technical writings, patents, white papers or other writing samples is required.
• Active Secret Clearance
• 5 years of information technology, information assurance or related experience, with preferred service in a Federal Government or DoD Industrial Security environment.
WORKING LOCATIONS & ADDITIONAL INFO
• Location: Lexington, MA
• Travel: Non-Anticipated
• Employment Status: Full-Time Employee with full benefits (Medical, Dental, Vision, STD, LTD, PTO, Retirement)
• Other: All candidates must also successfully pass a Commercial Background Investigation (CBI).
This job posting sets forth the authorities and responsibilities of this position, which may be changed from time to time as shall be determined.
Odyssey Systems Consulting Group, LTD. is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other factors protected by federal, state, and/or local law. This policy applies to all terms and conditions of employment, including: recruiting; hiring; placement; promotion; termination; layoff; recall; transfer; leaves of absence; compensation; and training.