Systems Planning and Analysis, Inc. (SPA) is a well-established and progressive defense contracting company in the Northern Virginia area just a few miles south of the Pentagon. We are a professional services firm established in 1972 that has a long-standing reputation for unrivaled technical and analytical support to some of the top decision makers in the Federal Sector. We do state-of-the-art work and have a cadre of outstanding professionals on our team.
SPA's Undersea and Surface Warfare Division (USWD) provides timely, objective, analytic assessments, strategic planning, and expert operational, technical and acquisition support to the Undersea Community. We are trusted agents of NAVSEA and Program Executive Officer Submarines.
SPA has a contingent need for multiple Information Systems Security Managers/Analysts.
The candidate will support a PEO (SUB) Program Office and act as the Information Systems Security Manager/Analyst responsible for the Navy PEO (SUB)'s Risk Management Framework. The candidate will provide information assurance (IA)/risk management framework (RMF) expertise to government Program or Project Managers who oversee Undersea Acoustic Systems, Combat Submarines, Imaging Systems, or Training Systems. The candidate will:
- Provide Undersea Weapon System subject matter expertise to NAVSEA affiliated PEOs and program managers for selected appropriated programs.
- Oversee and assess the cybersecurity risk assessment process within the overall Risk Management Framework (RMF) Assessment and Authorization (A&A) process, assist with the assessment of the security controls, review RMF packages and certify the residual risk in support of an RMF authorization.
- Support an independent, comprehensive assessment of the management, operational, and technical controls employed within the Navy system.
- Support government program managers in evaluating cybersecurity documentation and deliverables from the prime system integrator in support of acquisition milestones and authorizations to operate.
- Establish, document, and monitor the cybersecurity program implementation and ensure compliance with the Risk Management Framework.
- Develop and maintain System Security Plans (SSP), Contingency Plans, Privacy Impact Assessments, Certification Reports, Accreditation Reports, Plan of Action & Milestones (POA&M), and other Certification and Accreditation (C&A) documentation.
- Oversee and manage information security program implementation within the PEO(SUBS) organization by identifying and improving management strategy through personnel, infrastructure, policy enforcement, emergency planning, security awareness, information technology (IT) security goals, and/or other resources.
- Associate Degree from an accredited University or CNSSI 4011 Certificate or successful completion of military training course: CIN J-3B-0440 (IP BASIC) (or DOD Service equivalent)
- Validated 1-3 years specialized entry level experience in Specialty Area 72 (Information Systems Security Management) with working knowledge of system functions, cybersecurity policies, and technical cybersecurity protection measures.
- One or more of the following certifications are required: GSLC, CISSP, CISM, CAP, or CASP.
- Active Secret Security DoD clearance with eligibility for Top Secret clearance
- Bachelor's or Graduate Degree from accredited University or CNSSI 4012 or NDU CISO certificate or NDU CIO certificate or AQD GA8, or successful completion of military training course: NEC 2779 (CIN: A-531-0009) or 3372 or (EKMS Manager CIN W-3B-1500) or A-4C-1340 (KMI) (or DOD Service equivalent)
- Validated 5 or more years specialized Master level experience in Specialty Area 72 (Information Systems Security Management)
- Familiarity with: NAVEDTRA 43462-1C, or NAVEDTRA 43462-2, or NAVEDTRA 43469 watch station 304 or If IP O1-3 or NAVEDTRA 43360-2 or If IP O4-5 or NAVEDTRA 43360-3