Today
Secret
IT - Security
Norfolk, VA (On-Site/Office)
ManTech seeks a motivated, career- and customer-oriented Senior Risk Management Framework Engineer to join our team in Norfolk, VA. This position is onsite.
Responsibilities include but are not limited to:
- Serve as the lead advisor on RMF implementation across system lifecycles and manage workload for team members to meet established timelines
- Conduct security categorization, control selection, implementation, and assessment in accordance with NIST SP 800-53 and DoDI 8510.01
- Prepare and maintain RMF documentation, including the System Security Plan (SSP), Plan of Action & Milestones (POA&M), and Security Assessment Reports (SAR)
- Guide system owners through the RMF steps to achieve full 3-year Authorization to Operate (ATO)
- Collaborate with security control assessors (SCAs) and NQVs to coordinate risk assessments and validation testing
- Identify, document, and mitigate system vulnerabilities using tools such as Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS), and Security Technical Implementation Guidelines (STIGs)
- Expert-level experience in maintaining continuous monitoring strategies and conducting periodic reviews in accordance with DoD and NIST guidelines
- Provide training on RMF processes and cybersecurity best practices to junior staff and stakeholders
- Stay up to date on evolving DoD cybersecurity policy, the threat landscape, and risk mitigation techniques
- Create Standard Operating Procedures (SOPs), internal process documents, and input cyber policies that support the continuous monitoring of accredited information systems
- Up to 10% travel, mainly CONUS
Minimum Qualifications:
- BS or BA degree in Computer Science, Information Systems, Cybersecurity, or a related discipline. Additional 6 years of RMF experience may be substituted for a degree
- 7+ years of experience working within RMF environments, particularly supporting federal or DoD systems
- Experience in NIST SP 800-series publications, especially SP 800-53, 800-37, and 800-30
- Strong knowledge in requesting, obtaining, and reviewing compliance artifacts to assist in executing security and privacy controls testing such as security plans, SOPs, system screenshots, and system configuration settings
- CASP+, CISSP, or CISM certification
- Navy Qualified Validator (NQV) Level 1
Clearance Requirements:
- Active Secret clearance with the ability to obtain a TS/SCI clearance
Physical Requirements:
- Must be able to remain in a stationary position 50% of the time.
- Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
- Often positions self to maintain computers in the lab, including under the desks and in the server closet.
- Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.