Job Requirements
Today
Pearl Harbor, HI
Secret Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Job Description
Job Summary
Executes Risk Management Framework (RMF) Processes to support system authorization.
Telework is supported at 10%. Travel is not required.
Responsibilities and Duties
Participates in system categorization and maintains the formal decision document as part of the system's authorization package. Identifies and documents all hardware and software within the system architecture using the format/template on eMASS. Draft and update system architecture and data flow diagrams. Ensures all IA-enabled devices and applications are DON application and Database Management System (DADMS) approved. Tailors system security controls and identify any common controls and overlays in eMASS. Develops policy letters for control families and ensure appropriate Control Correlation identifiers are appropriately documented. Develops and executes Security Assessment Plans to include completing all applicable STIGs, performing vulnerability scans, and documenting results. Ensures traceability throughout the system. eMASS records are completed and read for Security Control Assessment. Supports IV&V test events and addresses immediate feedback on system test results, control assessments, and policy documentation. Validates all required artifacts are current and representative of the systems being presented for AO adjudication. Evaluates continuous monitoring plans and participate in operational assessments. Participates in weekly and/or ad-hoc meetings.
Qualifications and Skills
Required knowledge and years of experience
Must have at least five (5) years of experience. Must have experience in providing cybersecurity services using Risk Management Framework (RMF). Must have at least five (5) years experience with the DoD authoritative Enterprise Mission Assurance Support Service (eMASS). Must have at least five (5) years supporting Independent Validation and Verification (IV&V) test events. Must have at least five (5) years providing validation of required artifacts in the Information System Security Manager/Engineer (ISSM/ISSE) Security Assessment Package.
Education Requirements
High School Diploma
Certifications
Security+ or CISSP
Clearance Requirement
Secret
Executes Risk Management Framework (RMF) Processes to support system authorization.
Telework is supported at 10%. Travel is not required.
Responsibilities and Duties
Participates in system categorization and maintains the formal decision document as part of the system's authorization package. Identifies and documents all hardware and software within the system architecture using the format/template on eMASS. Draft and update system architecture and data flow diagrams. Ensures all IA-enabled devices and applications are DON application and Database Management System (DADMS) approved. Tailors system security controls and identify any common controls and overlays in eMASS. Develops policy letters for control families and ensure appropriate Control Correlation identifiers are appropriately documented. Develops and executes Security Assessment Plans to include completing all applicable STIGs, performing vulnerability scans, and documenting results. Ensures traceability throughout the system. eMASS records are completed and read for Security Control Assessment. Supports IV&V test events and addresses immediate feedback on system test results, control assessments, and policy documentation. Validates all required artifacts are current and representative of the systems being presented for AO adjudication. Evaluates continuous monitoring plans and participate in operational assessments. Participates in weekly and/or ad-hoc meetings.
Qualifications and Skills
Required knowledge and years of experience
Must have at least five (5) years of experience. Must have experience in providing cybersecurity services using Risk Management Framework (RMF). Must have at least five (5) years experience with the DoD authoritative Enterprise Mission Assurance Support Service (eMASS). Must have at least five (5) years supporting Independent Validation and Verification (IV&V) test events. Must have at least five (5) years providing validation of required artifacts in the Information System Security Manager/Engineer (ISSM/ISSE) Security Assessment Package.
Education Requirements
High School Diploma
Certifications
Security+ or CISSP
Clearance Requirement
Secret
group id: 10317615