*Dear Friends,* Please send me suitable profiles to *[email protected]*<[email protected]> SendResumes in word format with contact number,current location and billing rate.
*INFORMATION SECURITY PROGRAM ASSISTANCE*** * * *Rate: **Open, * *Total Exp: **8 Yrs, * *US Exp: **8 Yrs, Start Date: 7/1/2009, * *Duration: **1 Yr, * *Location: **Silver Spring, MD **local to Silver Spring, MD*** *Req. ID:* *TTECH-002** - Information Security Program Assistance*** *Primary Skills:* *FISMA, IT Certification and Accreditation, including writing and reviewing Security Plans, Risk Assessments, Contingency Plans and other C&A documents in accordance with NIST *** *Description:* *The contractor will provide subject matter expertise and assistance to the IT security team in support of its mission to ensure the integrity, confidentiality, and availability of its network and systems through proactive involvement in all aspects of the system security life cycle. Requirements * Develop Comprehensive continuous monitoring program for Client, Evaluate current vulnerability analysis tools in the inventory and recommend a consolidated reporting mechanism consistent with NIST 800-53 continuous monitoring and federal best practices within 30 days of beginning contract engagement. * Execute continuous monitoring program, Serve as the champion and reporting subject matter expert for continuous monitoring program. Prepare weekly reports documenting continuous monitoring efforts. * Recommend enhancements to continuous monitoring program, Recommend potential cost effective improvements for continuous monitoring program on a quarterly basis and in conjunction with future tool or service acquisitions * Vulnerability Assessments, Monitor NIST Vulnerability database and recommend mitigation strategies on a daily basis * Compile Data and produce reports, Consolidate information into report format for data calls * Compile Data and produce reports, Produce reports of patch level, antivirus definition, status, configuration reviews from all sites into a consolidated roll up report on a weekly basis * Compile Data and produce reports, Produce reports of unmitigated vunerabilities * Vulnerability tool subject matter expert, Serve as subject matter expert for current and future vulnerability monitoring tools. Recommend enhanced use and configuration of such tools. Produce reports from tools as needed. * Comment on draft and final mandate documents, Prepare briefing documents for statutory, regulatory, and guidance documents. Guidance shall include business impact and risk analysis and proposed mitigation strategy * Procurement Review - Provide assistance to prepare draft procurement reviews of IT procurements noting Certification and Accreditation impacts as well as proposing mitigation strategies as required. * Certification and Accreditation - Assist in conducting Certification and Accreditation activities and documentation preparation and review * Audit and Review Support - Assist in responding to audits and reviews by assisting in document collation and assisting in drafting formal replies * Incident Response - Assist in the evaluation of and response to IT Security Incidents. * Training and Awareness - Provide assistance by preparing and executing IT Security education, awareness, and outreach to the NMFS user community. Security Requirements The contractor must satisfactorily complete all IT Security non-disclosure forms, IT awareness training, and Department of Commerce/NOAA personnel screening requirements prior to performing the duties of this statement of work. Government equipment and systems will be utilized in the performance of the tasks in this statement of work. Without the consent of NMFS, no contractor IT equipment or systems will be used or connected to NOAA/NMFS government networks at any time during this contract. The C&A requirements of Clause 73 do not apply, and a Security Accreditation Package is not required. Government furnished equipment The NMFS Office of the CIO will provide all IT equipment associated with work performed for this contract. Qualifications Contractor must be familiar with general IT policy and planning and have experience with the following areas of IT Security: FISMA, IT Certification and Accreditation, including writing and reviewing Security Plans, Risk Assessments, Contingency Plans and other C&A documents in accordance with NIST SP 800-53 through rev2, SP 800-53a, SP 800-18, SP 800-60, etc... NIST Risk Management framework Experience in conducting system log reviews Contractor must also have experience with technical writing and quality control reviews for IT documents. *** -- Thanks & Regards, Kalyan, Tel:913-538-5491 913-660-0395 Metapro IT Solutions Email: [email protected] Yahoo IM: kalyancbresumes --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "US_IT.Groups" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.co.in/group/us_itgroups?hl=en -~----------~----~----~----~------~----~------~--~---
