* Provide program level security management and engineering support across ITD Program areas in support of the OBIM mission, utilizing the Information Assurance Compliance Systems (IACS), Xacta Information Assurance Manager, and DHS Cyber Security
* Provide Information Security Management, Operations and Engineering support, Certification and Accreditation support (C&A), support audits (IG and GAO), Deep Dive - Critical Control Review (CCRs) and Security Configuration Readiness Assessment (SCRAs), and Management of Plans of Action and Milestones (POAMs).
* Perform risk analyses, risk assessments, and information security planning. Perform server hardening and utilize contingency planning.
* Oversee the security staff daily to design, develop, engineer and implement solutions to security requirements.
* Serve as Information System Security Officer (ISSO). Perform security evaluations, prototypes and reporting on tools in assessment process.
* Monitor, report, remediate and ensure compliance according to the Federal Information Systems Management Act (FISMA) including vulnerability scans, patch management, security integration and incident handling procedures.
* Identify POA&M items, Security Education, Training and Awareness. Finalize Authority to Operate (ATO) packages and address System Change Requests (SCRs).
* Track, document and report the Annual Information Assurance Awareness Training Compliance, and create a Security Controls/Requirement Catalog.
* Analyze, define, plan, design and develop guidance for the areas of Network and Systems Lifecycle Security; Data Security; Identification, Authentication, Authorization, and Non-Repudiation; Security Event/Incident Monitoring and Response; emerging technologies and tool assessment; and Change Management and Security Configuration Guidance.
* Align the controls hierarchically at both the enterprise or component level (common and general support system) and the application level.
* Attend security conferences as required
* Ensure that updates are made to the Target Architecture from a security perspective including supporting and interacting with NIST and DHS level guidance.
* Support and maintain Security Operations, including supporting and managing public key infrastructure registration activities, firewall change requests, PICs requests, data center scanning requests, and DHS data centers server account requests.
* Develop Interconnection Security Agreements (ISAs)