Job Requirements
Philadelphia, PA
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Overview
ISHPI Information Technologies, Inc. (DBA ISHPI) is dedicated to delivering technical solutions that meet our customers' business needs. Through collaborative interactions with customers, team members, subject matter experts (SMEs), technical leaders, and partners, we design practical solutions that solve real problems for major government and business organizations. As a member of our group, you will collaborate with a team dedicated to delivering innovative business solutions that leverage emerging technologies through proven, successful methods.
Responsibilities
Qualifications
Education: Bachelor's degree in Computer, Electrical, or Electronics Engineering or Mathematics from an accredited university; OR CNSSI 4012 or 4013 or 4014 or 4015 or 4016 Certificate OR NDU CISO
certificate OR successful completion of at least one of the following military training courses: NEC 2780 (CIN: A-531-0022) or 2779 (CIN: A-531-0009) or 2781 (CIN:
A-531-0045) (or DoD Service equivalent). A degree concentration in computer science is highly desired.
Work Experience: Required three (3) to five (5) years of related experience.
Certification: Ability to obtain and maintain one of the following certifications: CCNA-Security, CySA+ **, Security+ CE, GICSP, GSEC, CND or SSCP. Active related certification preferred.
Security Clearance: Requires U.S. Citizenship and an active government security clearance.
"Ishpi Information Technologies, Inc. is an Equal Opportunity Employer. All qualified candidates will be considered without regard to legally protected characteristics.
Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified, you may be contacted for this and future opening
*cj
ISHPI Information Technologies, Inc. (DBA ISHPI) is dedicated to delivering technical solutions that meet our customers' business needs. Through collaborative interactions with customers, team members, subject matter experts (SMEs), technical leaders, and partners, we design practical solutions that solve real problems for major government and business organizations. As a member of our group, you will collaborate with a team dedicated to delivering innovative business solutions that leverage emerging technologies through proven, successful methods.
Responsibilities
- Maintain AO Approvals and Authorizations to Operate (ATOs) by performing Continuous Monitoring (CM) activities IAW DoD, Navy, and NAVSEA policy, guidelines, and directives.
- Assess, document, and review NIST SP 800-53 security controls IAW DoD, Navy, and NAVSEA policy, guidelines, and directives.
- Perform automated vulnerability assessments utilizing DoD, Navy, and NAVSEA approved tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP), Evaluate-Stig, and eMASSter.
- Perform annual security reviews IAW the RMF Process Guide (RPG), NAVSEA Business Rules, and NAVSEA Standard Operating Procedures (SOPs).
- Document, assess, and seek approval for system changes IAW Navy Authorizing Official (NAO) and Functional Authorizing Official (FAO) guides as documented in the NAVSEA Business Rules.
- Manage and maintain RMF packages in Enterprise Mission Assurance Support Service (eMASS) IAW DoD, Navy, and NAVSEA policy, guidelines, and directives.
- Perform System Level Continuous Monitor (SLCM) IAW approved System Security Plans (SSPs) in eMASS.
- Maintain eMASS Plans of Action and Milestones (POA&M).
- Develop and maintain project integrated master schedules for RMF projects.
- Evaluate, remediate, and mitigate technical and non-technical vulnerabilities.
Qualifications
Education: Bachelor's degree in Computer, Electrical, or Electronics Engineering or Mathematics from an accredited university; OR CNSSI 4012 or 4013 or 4014 or 4015 or 4016 Certificate OR NDU CISO
certificate OR successful completion of at least one of the following military training courses: NEC 2780 (CIN: A-531-0022) or 2779 (CIN: A-531-0009) or 2781 (CIN:
A-531-0045) (or DoD Service equivalent). A degree concentration in computer science is highly desired.
Work Experience: Required three (3) to five (5) years of related experience.
Technical & RMF Experience- Demonstrated experience supporting Authority to Operate (ATO) maintenance through Continuous Monitoring (CM) activities in accordance with DoD, Navy, and NAVSEA RMF policies.
- Hands-on experience assessing, documenting, and validating NIST SP 800-53 security controls within DoD or Navy environments.
- Proven ability to perform system-level continuous monitoring (SLCM) aligned with approved System Security Plans (SSPs).
- Experience managing and maintaining complete RMF packages throughout the system lifecycle.
Security Tools & Platforms- Practical experience using DoD-approved vulnerability assessment tools, including:
- Assured Compliance Assessment Solution (ACAS)
- Security Content Automation Protocol (SCAP)
- Evaluate-STIG
- eMASSter
- Advanced experience working within Enterprise Mission Assurance Support Service (eMASS), including:
- SSP development and maintenance
- Control implementation and inheritance
- Plans of Action and Milestones (POA&M) tracking and updates
Vulnerability Management- Proven ability to identify, evaluate, remediate, and mitigate both technical and non-technical vulnerabilities.
- Experience analyzing scan results, risk ratings, and compliance gaps, and providing actionable remediation recommendations.
- Ability to coordinate with system owners, engineers, and stakeholders to resolve findings.
Compliance, Reviews & Change Management- Experience supporting and conducting annual security reviews in accordance with the RMF Process Guide (RPG), NAVSEA Business Rules, and NAVSEA SOPs.
- Demonstrated knowledge of Navy Authorizing Official (NAO) and Functional Authorizing Official (FAO) processes.
- Experience documenting, assessing, and obtaining approvals for system changes within RMF and NAVSEA governance frameworks.
Project & Documentation Skills- Experience developing and maintaining Integrated Master Schedules (IMS) for RMF and cybersecurity-related projects.
- Strong ability to produce clear, precise security documentation suitable for audits, inspections, and authorization decisions.
- Ability to track milestones, deliverables, and compliance timelines across multiple systems or projects.
Professional Skills- Strong analytical and problem-solving skills with a risk-based approach to cybersecurity.
- Ability to work independently while collaborating effectively across technical and non-technical teams.
- Strong written and verbal communication skills, particularly in communicating security risk and compliance status to leadership.
Certification: Ability to obtain and maintain one of the following certifications: CCNA-Security, CySA+ **, Security+ CE, GICSP, GSEC, CND or SSCP. Active related certification preferred.
Security Clearance: Requires U.S. Citizenship and an active government security clearance.
"Ishpi Information Technologies, Inc. is an Equal Opportunity Employer. All qualified candidates will be considered without regard to legally protected characteristics.
Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified, you may be contacted for this and future opening
*cj
group id: 10480203