Cyber Engineer - RMF

ALTA IT Services is seeking a highly motivated, self-directed individual to fill the role of Cyber Engineer (RMF).

We are looking for a Cyber Engineer (RMF) who is team-oriented with strong information assurance skills and experience. The selected individual will join a collaborative team environment where they will provide expertise and guidance for the project, including defining the projects objectives, facilitating quality control and assist in coordinating the efforts of team members in order to deliver the project according to plan.

The Cyber Engineer (RMF) plays a strong role in client relations and project success. Key to the success of this position is the successful delivery of projects and effective communication to all levels of staff for reporting project status.

RESPONSIBILITIES:.

• Govern and monitor the IT security posture of all network enclaves, unclassified and classified, as well as provide authority on Cybersecurity policies.
• Work closely with the client regarding policy creation, best business practices, and general Cybersecurity governance.
• Function as the primary POC for all RMF Assess and Authorize (A&A) responsibilities and Cybersecurity inspection actions.
• Serve as the Information System Security Manager, Representative (ISSM-R) for all Cybersecurity actions required.
• Responsible for all activities relating to Cybersecurity procedures and systems.
• Confer with and advise subordinates on administrative policies and procedures and resolving technical problems, priorities, and methods.
• Consult with and advise other support teams regarding internal controls and security procedures.
• Prepare activities and progress reports relating to the information systems audit function.

Task for Cybersecurity- Support (Risk Management Framework (RMF) Assess & Authorize)

• Manage all steps of the DoD Risk Management Framework (RMF) assess & authorize process.
• Develop Plan of Actions and Milestones (POA&M) for registered systems.
• Manage and maintain the System Security Plan (SP).
• Assess security controls in accordance with NIST SP 800-53.
• Possess in-depth knowledge of all NIST and CNSSI publications related to RMF and security controls for national security systems (NSS).
• Maintain ISSM and Program Manager (PM) roles within the instance of eMASS for client systems.
• Register new systems within eMASS as required.
• Obtain Interim Authority to Test (IATT) authorization for new systems.
• Create Assess-only RMF instances for software packages (NETCOM Certificate of Networthiness replacement).
• Develop and maintain System-level artifacts for associated systems within eMASS.
• Coordinate the development of technology-level artifacts with other teams.
• Advise other teams on STIG compliance and mitigation strategies.
• Manage the Authority to Operate (ATO) lifecycle for associated systems, to include coordinating Security Control Assessor - Validation (SCA-V) teams.
• Develop and maintain FISMA metrics for DoD Cybersecurity scorecard reporting.
• Maintain FISMA metric reporting within the client system.
• Advise client CISO, and ISSM of all DoD RMF matters related to associated systems.
• Ensure STIG checklists and associated artifacts for all technologies are reviewed, and validation results are posted to the client portal.

QUALIFICATIONS:

• BA or BS Bachelor's Degree with 10+ years of overall applicable experience (highly preferred)
• Minimum requirement is HS Diploma with 12+ years of overall applicable experience
• Interim Top Secret clearance accepted at start, but ultimately requires Top Secret clearance
• Must have Security+ certification (also desire any of the following: CAP, CND, Cloud+, GSLC, HCISPP, CCNA Security, CySA+, GICSP, GSEC, SSCP)
• Experience with policy creation, best business practices and general Cybersecurity governance.
• Experience in RMF Assess and Authorize (A&A) and Cybersecurity inspection actions
• Experience serving as Information System Security Manager, Representative (ISSM-R)
• Experience managing all steps of the DoD Risk Management Framework (RMF) assess & authorize processes
• Experience assessing security controls in accordance with NIST SP 800-53.
• Experience creating Assess-only RMF instances for software packages
• Experience developing Plan of Actions and Milestones (POA&M)
• Experience creating policy, best business practices and general Cybersecurity governance.
• Possess in-depth knowledge of all NIST and CNSSI publications related to RMF and security controls for national security systems (NSS).
• Experience developing, maintaining and reporting FISMA metrics
• Experience managing the Authority to Operate (ATO) lifecycle to include coordinating Security Control Assessor - Validation (SCA-V).
• Must be able to work independently.
• Must have strong verbal and written communication skills.

Must be able to follow instructions and provide support to all team members

Ref: #850-Rockville (ALTA IT)
#M2
#LI-AP1

System One, and its subsidiaries including Joulé, ALTA IT Services, TeamPeople, and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.

System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.