Polaris Alpha, A Parson Company, provides cutting edge solutions development based on the latest advances in open software design and integration. The company is best known for not only understanding our customer’s needs, but also consistently exceeding their expectations. Polaris Alpha develops sophisticated data visualization, event analysis, pattern detection, mission planning and mobile software using net centric and enterprise architectures. With Polaris Alpha, no job is too large or too small.
Polaris Alpha has an opening for a CyberSecurity and Accreditation (CSA) Specialist to work on several technologies maintained and developed by Polaris Alpha. The CSA representative will work closely with a collaborative team comprised of Software Engineers, System Administrators, Program Managers, and Project Managers. The team will be responsible for creating, updating, and managing submittal artifacts including Configuration Management Plan, System Security Plan, System Security Test Plan, Security Controls Traceability Matrix, Ports Protocols and Services, and other supporting artifacts as applicable to the project.
The CSA Specialist must possess an overall understanding of RMF and be familiar with writing, updating and reviewing related technical documentation. The CSA Specialist will be responsible for creating, updating, and managing required A&A artifacts. Artifacts include: System Security Plan (SSP), Configuration Management Plan (CMP), System Security Test Plan (SSTP), Concept of Operations (CONOPS), Security Controls Traceability Matrix (SCTM), Risk Assessment Report (RAR), Plan of Action and Milestones (POA&M) and others as required. In addition, a candidate with experience in the full life cycle of the Xacta process would be highly preferred.
It is desired for the CSA Specialist to know how to run vulnerability assessment tools (e.g. SCAP, Nessus, etc), lock down systems and present mitigation strategies Engineers and System Administrators. The candidate should also have experience running Security Readiness Review Evaluation Scripts (SRR), performing associated testing, and be hands-on with Security Technical Implementation Guides (STIGs).