Career Opportunities with Kingfisher Systems, Inc.
A great place to work.
Career Opportunities with Kingfisher Systems, Inc.
A great place to work.
Current job opportunities are posted here as they become available.
Subscribe to our RSS feeds to receive instant updates as new positions become available.
| Location: | Fort Meade, MD |
Assessment and Authorization Lead
Kingfisher Systems, Inc. (Kingfisher) specializes in providing a full range of Information Technology, Cybersecurity, Intelligence, and support services to the U.S. Government. Kingfisher’s core competency is technology-enabled services with a specific focus on national security. Since 2005, Kingfisher has established itself as a recognized and trusted partner whose mission is safeguarding sensitive information, operations, and programs for our Federal customers and U.S. warfighters.
Kingfisher is actively seeking a highly skilled and dynamic individual to fill the pivotal role of Assessment and Authorization (A&A) Lead within our esteemed organization. This role requires exceptional expertise and proficiency in guiding and overseeing the assessment and authorization processes. As the A&A Lead, you will play a crucial role in ensuring the security and compliance of our systems and infrastructure. You will be tasked with spearheading comprehensive assessments, developing strategic authorization plans, and collaborating closely with cross-functional teams to implement effective security measures.
Duties and responsibilities will include but are not limited to:
A&A Lead shall support the A&A for ACAS capabilities on both NIPRNET and SIPRNET.
Experience obtaining and applying patches to all assets affected by open findings.
Provide security engineering to the Government and support A&A activities for test and production systems to maintain compliance with DoD 8500 series publications, Federal Information Processing Standards, and National Institute of Standards and Technology (NIST) Special Publications.
A&A Lead shall coordinate with the Government-specified A&A team to timely remediate security defects on any open findings on the test and production systems.
A&A Lead shall support the Information Systems Security Manager (ISSM) team in collecting information and answering DTO and OPORD.
Provide the Ports, Protocols, and Service Management (PPSM) information for ACAS and shall assist the ISSM with submitting the information to the Government PPSM system of record.
Perform preparation of the necessary accreditation documentation, to include a System Security Plan to describe the protection and sustainment of the Cyber Security requirements to comply with applicable Security Controls of the ACAS capabilities.
Perform preparation of the accreditation packages that show the certification status of the system in the Government-furnished format, to include change request forms and supporting documentation for major change management activities.
Ensure that the accreditation package(s) contains accurate information and is maintained in a current status, to include updates to the implementation plan.
Perform all the required A&A data entry and artifact submissions to the unclassified and classified Enterprise Mission Assurance Support Service (eMASS) and DISA Requirements Task System (RTS).
Maintain the Lifecycle A&A Plan that addresses the process, procedures, and timing of A&A activities for new software and software updates/upgrades across the anticipated lifecycle of the product(s).
Responsible for monitoring system security and performing configuration management and security operations activities to ensure an acceptable level of residual risk is maintained as determined by the DISA RME and/or DISA Authorization Official (AO).
System monitoring includes security patches, hotfixes, Security Technical Implementation Guide (STIG) updates, IAVA updates, and Security Requirements Guide (SRG) updates.
Perform assessments for all STIG and IAVAs in the agreed-upon format and medium and submit a written STIG/IAVA compliance report of all discrepancies.
Maintain and update an SRG for the ACAS capability, which includes STIGs or system configurations that cannot be implemented until the capability is implemented at the operational site. As new STIGs are released, the contractor shall evaluate and update the SRG.
Update and maintain a Continuity of Operations (COOP) and Information System Contingency Plan (ISCP) for the ACAS capability.
Conduct an annual exercise of the COOP or ISCP with all appropriate support personnel and update the operations strategy and architecture documents to reflect any needed changes.
Required Qualifications:
Proficiency in Microsoft Office Suite
Understanding, experience, and knowledge of Cyber Security Assessment, Authorization, and Implementation processes and procedures
Experience with Assured Compliance Assessment Solution (ACAS) NIPRNet, SIPRNet, Nessus, Tenable, Security Center
Knowledge and expertise with eMASS, NIST SP 800-3 and 800-53, Risk Management Framework, Plans of Action and Milestones (POA&M), Vulnerability Management Policy, Security Technical Implementation Guide (STIG), Information Assurance Vulnerability Alert (IAVA)
Required Certification:
IAM Level III or IAT III certification. A Certified Information Systems Security Professional (CISSP) is preferred.
Years of Experience:
Degree Requirement: Bachelor's Degree Preferred
Minimum Clearance Requirement:
Location:
Work starting July 2024
Kingfisher Systems, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability.
