Sr. Primary Certifier
Tracking Code 9372

Job Description

The Primary Certifier is responsible for executing the organization’s Certification and Accreditation (C&A) program, ensuring compliance, and providing guidance on IT Security requirements. The Primary Certifier serves as the focal point for all phases of the C&A process for the Information Systems Security Officer (ISSO), System Owner, and Program Office. The Primary Certifier ensures ISSOs complete the Federal Information Processing Standards (FIPS)-199, Contingency Plans (CPs), and System Security Plans (SSPs), and is responsible for delivering Risk Assessments (RAs), System Test and Evaluation (ST&E) Plans, Security Accreditation Reports (SARs), and Authority to Operate (ATO) Letters.

While Federal Government employees conduct the majority of the technical scans on IT systems, the Primary Certifier must analyze the scanning results in order to identify and create POA&Ms for the IT systems under their responsibility. The Primary Certifier is also responsible for continuous monitoring of assigned IT systems.

About DRC

DRC is a leading provider of mission-critical technology management services and solutions for government programs. In the past three years, we have made several strategic hires and acquisitions that have positioned us for rapid growth in the Greater DC Metro (National Capital Region) area. Towards this end, we will be consolidating our Reston and Ballston offices with the opening of a new facility in Clarendon in June 2011. These investments have resulted in DRC being featured in a Federal Computer Week article titled “9 Hot Companies to Watch in 2011.”

Required Skills

  • Ability to work in independent environments under aggressive timelines

  • Proficient in MS Word due to responsibility in writing several security artifacts

  • Proficient in developing and presenting, both verbally and in writing, highly technical information and presentations to non-technical audiences

  • Working knowledge of the NIST 800 series publications governing the FISMA Act.

  • Working knowledge of the NIST 800 series publications to include, but not limited to: 800-30, 800-37, 800-53, and 800-53A

  • Working knowledge of DHS 4300A

  • Understanding of network topologies, TCP/IP, and boundary protection appliances

Required Experience

  • 3 years experience with the Security Authorization (or C&A) methodology according to an agency standard framework such as DCID 6/3, DIACAP, or NIST

  • Experience creating Certification and Accreditation documentation

  • Experience operating vulnerability scanning/continuous monitoring tools (i.e., NESSUS, AppDetective, WebInspect, and ISS)

  • 5 years of demonstrated experience conducting vulnerability and analysis of operating platforms (i.e., UNIX, Solaris, and Microsoft)

  • 3 years experience performing compliance testing and analysis of web facing applications and database schema

Certifications

CISA, CISM, CISSP, Certification and Accreditation Professional (CAP) preferred

Clearance

Must have an active Secret Clearance

Job Location

Arlington, VA US

Position Type

Full-Time/Regular

At DRC You Can Make a Difference. To be considered, please forward your resume to: cyberjobs@drc.com.

For more information about DRC, please visit www.drc.com


© 2013 DRC. All rights reserved | 800-522-4321 | webmaster@drc.com