Yesterday
Secret
Mid Level Career (5+ yrs experience)
$125,000 - $145,000
No Traveling
IT - Security
Philadelphia, PA (On-Site/Office)
Responsibilities:
• Assist the Information System Security Managers (ISSM) in executing their duties and responsibilities.
• Ensure compliance with all NAVSEA, DON, and DoD cybersecurity policies.
• Ensure relevant Cybersecurity (CS) policy and procedural documentation is current and accessible to properly authorized individuals.
• Coordinate cybersecurity processes and activities for assigned systems.
• Maintain and report Assess Only (AO) and Assessment and Authorization (A&A) status to Program Managers, Information System Owners, and ISSMs.
• Provide oversight of Security Plans for assigned systems throughout their lifecycle.
• Manage and maintain Plan of Actions and Milestones (POA&M), ensuring vulnerabilities are properly tracked, mitigated, and where possible, remediated.
• Assist with the identification of security control baselines and applicable overlays.
• Coordinate the validation of security controls with Navy Qualified Validators (NQV).
• Perform Risk Management Framework (RMF) Standard Operating Procedure (SOP) reviews.
• Adjudicate findings from Package Submitting Officer (PSO).
• Register and maintain systems in Enterprise Mission Assurance Support Service (eMASS).
• Plan and coordinate security control testing during Risk Assessments and Annual Security Reviews.
• Report changes in system security posture to the ISSM.
• Ensure the execution of Continuous Monitoring related requirements as defined in the System Level Continuous Monitoring (SLCM) Strategy.
• Review all data produced by Continuous Monitoring activities, update the eMASS record as necessary, and escalate to leadership for action, if required.
• Correlate findings from non-RMF vulnerability assessments (e.g., Development Test (DT)/Operational Test (OT), penetration testing, Command Cyber Operational Readiness Inspection (CCORI), etc.) to RMF controls for tracking, ensuring a holistic risk assessment.
• Participate in change control and configuration management processes.
• Maintain vulnerability data in Vulnerability Remediation Asset Manager (VRAM).
Experience:
• Six (6) years of experience coordinating and enacting required security changes, with in various levels of an organization, ensuring compliance with published policies; conducting cybersecurity vulnerability and threat analysis; and support cyber incident response by isolating potentially effected assets, initial investigation and data collection, through status updates/reporting.
• Knowledge of DoD policies, processes, and procedures related to common duties for Information System Security Officers
Education/Certification:
• DoD 8570 IAM II (CAP, CASP+ CE, CISM, CISSP, GSLC, CCISO, HCISPP)
• Bachelor’s degree in computer science, information technology, communications systems management, or an equivalent science, technology, engineering & mathematics (STEM) degree from an accredited college or university
• Assist the Information System Security Managers (ISSM) in executing their duties and responsibilities.
• Ensure compliance with all NAVSEA, DON, and DoD cybersecurity policies.
• Ensure relevant Cybersecurity (CS) policy and procedural documentation is current and accessible to properly authorized individuals.
• Coordinate cybersecurity processes and activities for assigned systems.
• Maintain and report Assess Only (AO) and Assessment and Authorization (A&A) status to Program Managers, Information System Owners, and ISSMs.
• Provide oversight of Security Plans for assigned systems throughout their lifecycle.
• Manage and maintain Plan of Actions and Milestones (POA&M), ensuring vulnerabilities are properly tracked, mitigated, and where possible, remediated.
• Assist with the identification of security control baselines and applicable overlays.
• Coordinate the validation of security controls with Navy Qualified Validators (NQV).
• Perform Risk Management Framework (RMF) Standard Operating Procedure (SOP) reviews.
• Adjudicate findings from Package Submitting Officer (PSO).
• Register and maintain systems in Enterprise Mission Assurance Support Service (eMASS).
• Plan and coordinate security control testing during Risk Assessments and Annual Security Reviews.
• Report changes in system security posture to the ISSM.
• Ensure the execution of Continuous Monitoring related requirements as defined in the System Level Continuous Monitoring (SLCM) Strategy.
• Review all data produced by Continuous Monitoring activities, update the eMASS record as necessary, and escalate to leadership for action, if required.
• Correlate findings from non-RMF vulnerability assessments (e.g., Development Test (DT)/Operational Test (OT), penetration testing, Command Cyber Operational Readiness Inspection (CCORI), etc.) to RMF controls for tracking, ensuring a holistic risk assessment.
• Participate in change control and configuration management processes.
• Maintain vulnerability data in Vulnerability Remediation Asset Manager (VRAM).
Experience:
• Six (6) years of experience coordinating and enacting required security changes, with in various levels of an organization, ensuring compliance with published policies; conducting cybersecurity vulnerability and threat analysis; and support cyber incident response by isolating potentially effected assets, initial investigation and data collection, through status updates/reporting.
• Knowledge of DoD policies, processes, and procedures related to common duties for Information System Security Officers
Education/Certification:
• DoD 8570 IAM II (CAP, CASP+ CE, CISM, CISSP, GSLC, CCISO, HCISPP)
• Bachelor’s degree in computer science, information technology, communications systems management, or an equivalent science, technology, engineering & mathematics (STEM) degree from an accredited college or university
group id: 91012210
