Risk Management Framework and Computer Network Defense Analyst (US).
Responsibilities:
- Serves as a subject matter expert to advise for RMF packages, strategies, and technical components to ensure compliance of NIST 800-53 security controls.
- Plan, design, develop, and implement projects focused on Cyber Security.
- Perform systems engineering activities in the areas of Cyber Security / Information Assurance (IA) / System Security Engineering (SSE) and security assessment and authorization (A&A) in accordance with NIST SP 800-53.
- Develop and capture requirements for government security solutions.
- Ensures compliance with policies and procedures for system design, programming, documentation, and testing.
- Assess solutions' architectural designs for compliance with NIST 800-53 and DOD related policies.
- Develop security artifacts to support the IA program to include System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), System Design and Installation Procedures, System User Guides, Privileged User Guides, Security Test Procedures, and other documents as needed.
- Support systems through all steps of RMF and enable Gov Client to achieve and or maintain authorities.
- Review vulnerability scan results at the operating system (OS) and application level and work with stakeholders to architect and implement mitigations.
- Promotes a culture of knowledge sharing and collaboration by organizing knowledge bases, contributing regularly, and encouraging team members to contribute.
- Coaches and mentors team members to improve their technical skills.
- Regularly creates forward-thinking thought leadership deliverables, provides insight into emerging technical trends.
- Knowledge and understanding of the Security Technical Implementation Guidelines (STIGs)
- Experience with remediating identified Information Assurance Vulnerability Alerts (IAVAs) within DoD systems.
- Strong organizational skills and excellent attention to details.
- Abilities to work independently and to manage time effectively.
- Effective communication skills with an appreciation for the appropriate ways to interact with managers, coworkers, customers, and vendors.
- Ability to work off hours as necessary to meet government needs to include night shift.
- Must be able to travel CONUS AND OCONUS when travel is required.
- Assists in ALL other Technical Support Branch operations when required.
Valiant Integrated Services is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
- Education: (a) Required - Associate degree in Computer Science, Information Systems Management or 5 years of experience working with Cyber Security Risk Management Framework (RMF) and Information Systems ManagementAssurance Vulnerability Alerts (IAVAs) within DoD systems. (b) Desired - BS or BA degree in Computer Science, Information Systems Management or 5 years of experience working with Cyber Security Risk Management Framework (RMF) and Information Assurance Vulnerability Alerts (IAVAs) within DoD systems.
- Qualifications - Working knowledge of Risk Management Framework (RMF) process, eMASS, ACAS, SCAP, STIG, Cyber Risk Assessments (CRA), Cyber Table Top (CTT) or related process - Demonstrate a working knowledge of RMF packages, strategies, and technical components to ensure compliance of DoD 8500 and NIST 800-53 security controls.
- Responsible for the creation, consultation, and ongoing assessment and authorization (A&A) documentation in compliance with Cybersecurity policies and guidelines including DoD 8500 and NIST 800-53 security controls.
- Must maintain an active TOP SECRET / SCI security clearance.
- Must be able to obtain and maintain IAT Level II and the appropriate computing environment certifications IAW DoDM 8140.03 such as Security+ CE.