Develop and update security control traceability matrices (SCTMs) and system security plans (SSPs), manage and control changes to systems and assessment and authorization (A&A) packages, and assess the security impact of those changes.
November 16, 2022
Review scan results for the system assets, identify the respective remediation's for misconfigurations and weaknesses, and work with the system team to ensure timely implementation of fix.
November 23, 2022
Evaluate performance results and recommend major changes affecting short-term project growth and success.
December 21, 2022
Create and maintain existing information system security documentation, including SSP, SCTM, and Security Configuration Guide.
December 22, 2022
Provide guidance and support for system security by performing complete assessments of the system portfolio, determine priority of systems that need to be accredited per policy, and ensure prompt compliance.
December 31, 2022
Assist in the maintenance of System Security Plan (SSP), Security Test Procedures (STP), document and maintain implementation details of NIST 800-53 security controls.
January 20, 2023
Track findings with Plan of Action and Milestones (POA&M) through mitigation and/or risk acceptance.
March 11, 2023