Technical Professional (IT Information Assurance)

Title: Technical Professional (IT Information Assurance) POSITION IS CONTINGENT UPON CONTRACT FUNDING KBR has an opening for a Technical Professional – IT Information Assurance to join our team of qualified, diverse individuals onsite at NBVC Point Mugu, CA This position requires on site presence. Remote or Tele-Work is not available. Roles and Responsibilities: Serves as an Information Systems Security Officer (ISSO) for Government information systems in support of a Program Management Activity (PMA). Performs extensive assessments of systems and networks within the networking environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy; Candidate will achieve this through passive evaluations (compliance audits) and active evaluations (vulnerability assessments). Establish strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems; This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. Assists in the implementation of the required government policy (i.e., RMF, NISPOM, JSIG) and makes recommendations on process tailoring. Performs extensive analyses to validate established security requirements and to recommends additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed. Functional Job Description: Implement Risk Management Framework (RMF) in accordance with NIST SP 800, Joint Special Access Program Implementation Guide (JSIG). Participates in the development and maintenance of system security plans and contingency plans for all systems under their responsibility. Draft, maintain, Planned, System Security Checklists, Privacy Impact Assessments, POA&M, and Authority to Operate (ATO) artifacts. Develop Plan of Action and Milestones (POA&M) for identified vulnerabilities and ensure compliance through monthly / quarterly updates. Maintain inventory of all information Security System assigned. Develop a variety of Assessment & Authorization deliverables including; System Security Plan (SSP), Security Assessment Report (SAR), Contingency Plan (CP) and POA&M for review and approval for Authorization Official Monitor and conduct Security Control Assessment to ensure all controls meet security requirements as stipulated in the SSP, NIST SP 800-53, JSIG. Effectively communicate Technical Information to non-technical personnel Coordinate with Leadership across the organization to ensure timely compliance. Develop Waivers and exceptions for information system vulnerabilities. Basic Qualifications: Master’s degree in computer and architecture information systems management or related field from an accredited college or university or equivalent experience is required. OR Twelve (12) or more years of combined experience performing duties as described. OR Bachelor’s degree and an additional four (4) years of relevant experience may be substituted for a master’s degree. OR Associate’s degree and an additional eight (8) years of relevant experience may be substituted for a Master’s Degree Two (2) years of experience with mid-sized client/server systems in systems analysis, software design, software development, and system administration is required. Experience with DoD M5205.07 Series, Risk Management Framework (RMF) and Joint SAP Implementation Guide (JSIG) requirements is required. Knowledge of quality assurance, quality control, and independent verification and validation techniques is required. Experience working independently and as part of a team in researching data, developing analytical techniques and methodologies is required. Experience with managing secure Information Systems (IS) and databases while implementing and maintaining cross-domain solutions is required. A current Information Assurance Manager (IAM) Level I certification in accordance with DoD 8570.01-M, or the ability to gain the IAM Level I certification within six months is required. Applicant selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. A current Secret Clearance is required. Contract requirements regarding education and experience will prevail. KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law. KBR — Delivering Solutions, Changing the World. KBR brings together the best and brightest to deliver science, technology and engineering solutions that help governments and companies around the world accomplish their most critical missions and objectives. In everything we do, we are guided by our ONE KBR Values: We Value Our People – We create diverse, inclusive environments in which each person can feel safe, respected and valued, and where everyone has opportunities to grow and reach their full potential. We Deliver – We are uncompromising in our commitment to deliver innovative, high-quality, technology-led solutions for our customers and exceptional, sustainable value for all our stakeholders. We Are People of Integrity – We value honesty, trust, courage, fairness, prudence and tenacity. We believe doing what’s right for the planet, the communities where we work, and our people is good for business. We Empower – We empower our people with a shared purpose, the right tools and the supportive culture they need to be proactive decision-makers, to be adaptive to change, and to succeed. We Are a Team of Teams – We have a will to succeed, but we value the achievements of our team of teams over individual accomplishments. Our collective focus makes us a better, stronger, more effective company. We have also embedded environmental, social and governance (ESG) principles in every business operation and corporate function. Not only are we committed to operating safely, sustainably and equitably, but we are also committed to using our capabilities and expertise to help our customers accomplish their sustainability goals. Worldwide, KBR employs a diverse workforce approximately 29,000 people strong, with customers in more than 80 countries and operations in 40 countries. At KBR, We Deliver. Fraud Alert Fraud has infiltrated the job placement market via the internet, email and direct phone contact. Attempts have included unauthorized use of KBR’s name and logo to solicit potential job seekers or to extend false job offers. Bad actors may mix in fake job advertisements with legitimate postings. These ads can include contact instructions and require job seekers to send sensitive personal information or money to pay for visa applications, processing fees, etc., in exchange for consideration for a high-paying position. KBR will never ask for any sort of advance payment as part of the recruiting/hiring process. Candidate profiles are carefully managed to protect personal information.