Work with organizations throughout the systems engineering lifecycle and all phases of the DoD Risk Management Framework (RMF). Assist with the system security classification, system categorization, and proper selection of cybersecurity controls. Advise and assist component organizations to comply with DoD security guidance within their cloud application environment, to include ensuring compliance with all Security Technical Implementation Guides (STIGs) and DoD Ports and Protocols Guidance (as defined in DODI 8551.01). Assist the information system owner in the development of Risk Management Framework (RMF) artifacts and assist with the upload of all required artifacts and supporting documentation for component Interim Authority To Operate (IATO), or Authority To Operate (ATO) packages. This position is open to remote delivery from any location in the U.S., to include the District of Columbia.
7+ years of experience with Cybersecurity
5+ years of experience preparing RMF packages and developing supporting documentation and DoD Authorization and Accreditation (A&A) process and standards
Experience developing system security plans and associated SOPs
Experience with analyzing software implementations to ensure compliance with NIST 800 series
Experience with cloud technologies, including AWS or Microsoft Azure
Knowledge of Information Assurance and Cybersecurity policies, procedures, and practices, including the RMF, FISCAM and NIST SP 800-53r4
Ability to analyze a security plan and perform system security analysis
BA or BS degree
DoD IAT Level II or IAM Level I Certification, including Security+, CySA+, or Cloud+
Experience with performing manual testing methods and procedures using Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and checklists
Knowledge of security features and vulnerabilities of business intelligence tools, including Qlik
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. Secret clearance is required.
We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.