PRIMARY DUTIES & RESPONSIBILITIES:
- Develops and updates assessment and authorization documentation (Body of Evidence) for management and continuous monitoring of information systems
- Performs ongoing compliance assessments using tools, such as Assured Compliance Assessment Solution (ACAS), Secure Content Automation Protocol (SCAP), and McAfee Virus Scan Enterprise. Reviews, documents, and maintains all results
- Verifies patches and virus definitions to the systems using existing automated tools
- Adheres to pre-defined configuration management and change management policies and procedures for authorizing software prior to its implementation on systems
- Performs security audits using to track multiple events including any signs of inappropriate or unusual activity, intrusion events, data transfers, etc.
- Performs security assessments of NCS Family of Systems in accordance with NIST, Navy, NSA and NAVINTEL IA guidance. Works with system engineers to take corrective action to resolve identified problems
- Performs Site Based Security Assessments (SBSAs) of systems and recommending authorization to the Designated Authorizing Official (DAO) as a certified Trusted Agent
- Reports security incidents in accordance with the Command Incident Response Plan
- Ensures systems are operated, used, maintained, and disposed of in accordance with all applicable security policies and practices
