CALIBRE Systems Inc., an employee-owned Management Consulting and Digital Transformation Company is seeking a highly skilled and experienced Authorizing Official Designated Representative (AODR) to join our team. The AODR will assist the Authorizing Official (AO) in making risk-based decisions regarding the security of information systems. This role requires a deep understanding of both Department of Defense (DoD) and National Geospatial-Intelligence Agency (NGA) policies and procedures.
Manage and approve Accreditation Packages (e.g., ISO/IEC 15026-2).
Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
Establish acceptable limits for the software application, network, or system.
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of cybersecurity and privacy principles.
Knowledge of cyber threats and vulnerabilities.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
Knowledge of cryptography and cryptographic key management concepts
Knowledge of organization's enterprise information security architecture.
Knowledge of organization's evaluation and validation requirements.
Knowledge of Security Assessment and Authorization process.
Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledge of Risk Management Framework (RMF) requirements.
Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
Knowledge of structured analysis principles and methods.
Knowledge of systems diagnostic tools and fault identification techniques.
Knowledge of the organization’s enterprise information technology (IT) goals and objectives.
US citizen
Active Top Secret/Sensitive Compartmented Information (TS/SCI) clearance, eligible for Counterintelligence (CI) Polygraph.
5-7 years of experience
Relevant certifications such as CISSP, CISM, GSLC, CCISO.
Bachelor’s degree or higher from an accredited college or university in Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field.
Available for possible travel within the Continental United States (CONUS) and Outside CONUS (OCONUS).
Preferred Qualifications:
Master’s degree in a related field.
Experience working with DoD and NGA information systems.
Additional certifications such as CCSP, Cloud+ or CGRC.
St. Louis, Missouri, United States
Full-Time/Regular
Equal Opportunity Employer, including disability/protected veterans