Develops Authorization to Operate (ATO) and ISCM Status Reports, and ISCM and Cyber Security Reports and Dashboards, updating them on a continuous basis.
Documents operational procedures and maintains Cyber Security and ISCM tools and technologies. Provides support to the Cyber Security Operations Center (CSOC) and participates in architecture/deployments of Cyber Security and ISCM tools and technologies, including coordination with the DHS CDM Program and other related Agencies.
Participates in the vulnerability management program and tracks vulnerabilities and remediation activities, including identifying and reporting information system and software security flaws through vulnerability scanning, configuration compliance scanning, application security scanning, and other sources weekly.
Establishes, documents and maintains configuration settings for all information systems, including identifying, documenting, and approving any deviations from established configuration settings. Reviews proposed configuration-controlled changes to the information systems and recommending approval or disapproval to the Agency CISO based on an explicit consideration for security impact analyses.
Manages mobile device security policies and ensure mobile device operating systems are updated. Maintains CSOC Server, Workstations, and Laptops, including the VM Infrastructure.
Leads the development of information security architectures and security reference architectures. Integrates security engineering principles in the system and software design and architecture. Integrates audit review, analysis, and reporting tools to support forensics and incident response activities. Provides information security role-based training.