Work with government leaders and system owners to understand Authority to Operate (ATO) packages, review information systems for compliance, and support the organization comply with NIST SP 800-53 controls requirements. Aid system owners to review control implementation statements for compliance with VA policy, work with system teams to review and update their POA&Ms and help system teams to navigate the Enterprise Mission Assurance Support Service (eMASS) Governance Risk Management & Compliance (GRC) tool throughout each of the RMF steps. Document policies through Standard Operating Procedures (SOPs); learn, understand, and explain role requirements across the organization; facilitate requirement discovery sessions with VA leadership to better understand gaps in policy and tool comprehension; and utilize requirements discovery to provide tools, documents, activities, and education to improve policy and tool comprehension. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.
- 2+ years of experience with eMASS
- 3+ years of experience with Risk Management Framework (RMF)
- Experience supporting system ATO processes and documenting through job aids, SOPs, Frequently Asked Questions (FAQs), or memos
- Experience training or mentoring junior team members
- Experience taking complex RMF concepts and distilling them into simple concepts in educational materials
- Knowledge of NIST SP 800-53 Rev. 4
- Ability to work core business hours of 8AM to 5PM (EST), Monday through Friday
- Ability to engage with both staff and leadership to facilitate meetings, analyze policy documents and associated training and educational documents against authorization requirements to identify gaps
- Ability to establish a schedule to address outstanding requirements, and coordinate directly with system team stakeholders
- Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
- HS diploma or GED and 18+ years of experience with systems security engineering or Bachelor's degree in CS, IT, or Engineering and 10+ years of experience with systems security engineering
- Experience with enterprise ATO reporting
- Experience supporting system RMF requirements, including creating artifacts, control implementation details, and POA&Ms
- Experience with artifact generation and review
- Experience as a trainer or teacher
- Ability to work independently and in teams
- Possession of excellent written and verbal communications skills
Applicants selected may be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client.
The proposed salary range for this position in Colorado is $100,000 to $126,000. Final salary will be determined based on various factors.
At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.
We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.