Authorizing Official/Designating Representative - CALIBRE
St. Louis, MO 63111
About the Job
CALIBRE Systems Inc., an employee-owned Management Consulting and Digital Transformation Company is seeking a highly skilled and experienced Authorizing Official Designated Representative (AODR) to join our team. The AODR will assist the Authorizing Official (AO) in making risk-based decisions regarding the security of information systems. This role requires a deep understanding of both Department of Defense (DoD) and National Geospatial-Intelligence Agency (NGA) policies and procedures.
- Manage and approve Accreditation Packages (e.g., ISO/IEC 15026-2).
- Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
- Establish acceptable limits for the software application, network, or system.
- Manage Accreditation Packages (e.g., ISO/IEC 15026-2).
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Required Skills
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Knowledge of cybersecurity and privacy principles.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
- Knowledge of cryptography and cryptographic key management concepts
- Knowledge of organization's enterprise information security architecture.
- Knowledge of organization's evaluation and validation requirements.
- Knowledge of Security Assessment and Authorization process.
- Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
- Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
- Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Knowledge of Risk Management Framework (RMF) requirements.
- Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
- Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
- Knowledge of structured analysis principles and methods.
- Knowledge of systems diagnostic tools and fault identification techniques.
- Knowledge of the organization’s enterprise information technology (IT) goals and objectives.
Required Experience
- US citizen
- Active Top Secret/Sensitive Compartmented Information (TS/SCI) clearance, eligible for Counterintelligence (CI) Polygraph.
- 5-7 years of experience
- Relevant certifications such as CISSP, CISM, GSLC, CCISO.
- Bachelor’s degree or higher from an accredited college or university in Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field.
- Available for possible travel within the Continental United States (CONUS) and Outside CONUS (OCONUS).
Preferred Qualifications:
- Master’s degree in a related field.
- Experience working with DoD and NGA information systems.
- Additional certifications such as CCSP, Cloud+ or CGRC.
Source : CALIBRE