RMF Support Technician

Employer
CACI
Location
Scott Air Force Base, IL, United States of America
Posted
Nov 23, 2022
Closes
Dec 23, 2022
Ref
268932
Function
IT
Hours
Full Time
RMF Support Technician
Job Profile:
Information Security T3

JR Type:
Proposal
Job Category:
Security
Minimum Clearance Required to Start:
Top Secret
Percentage of Travel Required:
Up to 10%
Type of Travel:
Continental US, Local
Program/Opportunity Name:
Opportunity | USTRANSCOM Information Technology Service Management Enterprise Support Managed Services (ITSM) aka MITS
Referral Bonus Plan:
$3,000

Job Description:

CACI is looking for a Risk Management Support Technician to support our customer, U.S. Transportation Command (USTRANSCOM), at Scott AFB Illinois. This position is contingent upon award of the USTRANSCOM Command, Control, Communication & Cyber Systems Managed Information Technology Services (MITS), Enterprise support Managed services.

What You'll Get to Do:

CACI has an excellent opportunity for an experienced, self-directed, Risk Management Support Technician. This position is in support of a Department of Defense (DoD) organization, USTRANSCOM Directorate TCJ6 located at Scott AFB IL

They will work on a team with a focus on policy, implementation of strategic initiatives and execution of day-to-day deliverables. They work to achieve team objectives and execute operational plans with measurable contribution towards the achievement of results of the job function or completion of a project.

They are responsible for Risk Management and Compliance through ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. Responsible for USTRANSCOM and the Unified Combatant Command (UCC) in maintenance of an all-encompassing system security program to proactively manage all Infrastructure systems security risks, vulnerabilities, and compliance with security configurations, guidance, and policies. Conduct formation Assurance activities, responsible for enabling the ongoing assessment and ongoing authorization of all infrastructure utilizing Risk Management Framework (RMF) and automated Security Assessment and Authorization tools.

More About the Role:

The RMF Support Technician supports the RMF Lead in the development of a standardized, enterprise-level Risk Management Process. You will assess, analyze, propose mitigations, and conduct the creation, tracking and closure of risks, issues, and opportunities (R/I/Os) related to the successful completion and/or delivery of a US Government product or service.

You will provide technical support in the creation and delivery of technology solutions and complete risk management actions (i.e., risk identification, assessment, and mitigation planning). You will define, develop, and record all risk items on the Risk Register. You will assist the RMF Lead to identify and develop contingency plans, fallback plans, and workarounds.

The RMF Support Technician will help determine the probability (Likelihood) and Impact (Consequences) for each risk item; track, manage, and update as risk plans are executed. Conduct SWOT Analysis, Risk Audits, Risk Assessments, and Variance and Trend Analysis. Identify Risk urgency, appetite, triggers, tolerance, threshold, and aversion and map in a decision tree matrix.

The RMF Support Technician may be called upon to facilitate and/or brief meetings or forums and be able to effectively communicate risk posture and project information to stakeholders. They work with their team to help drive effective teamwork, communication, collaboration, and commitment across multiple disparate groups with competing priorities.

They must communicate project issues and status in a concise, accurate, and professional manner. Support, coordinate, document, assess, and comply with all Cyber Security operations IAW operational plans, SOPs, and Work Instructions. Ensure compliance POA&M analysis, management, compliance, and remediation. Monitor security advisories and security bulletins to ensure compliance with applicable security requirements.

Support Security Release Management - Track and report software inventory for all infrastructure devices (patches and firmware). Understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).

The successful candidate must be able to communicate clearly and succinctly both written and orally, have strong leadership skills, and present products and ideas in a business-like manner. The candidate will be required to work in dynamic fast paced environments that require team interaction and coordination of efforts. The candidate must be experienced in interfacing with both client managers and system users.

You'll Bring These Qualifications:

  • Technical Level III certification per DoD 8570.01-M
  • BA/BS Degree with at least four (4) years of relevant experience involving application of DoD policy, direction, and guidance to customer environments.
  • Experience/working knowledge of NIST and DoD security policies, directives, and guidelines.
  • NIST Risk Management Framework and Security Control Implementation
  • Experience/working knowledge of Network/system architecture design and implementation.
  • Experience/working knowledge of Vulnerability scanning, e.g., Retina and Nessus.
  • Experience/working knowledge of Network architecture and design (e.g., security stack and integration with office automation products and services to include production, test, development, and DMZ enclaves.


Desired Qualifications:

  • ITIL v3 - Foundation Certification
  • Current Microsoft server and workstation OS security configurations.
  • Current Red Hat Linux Enterprise OS security configurations.
  • Current Unix OS security configurations.
  • Current Microsoft server and desktop application security.
  • Current Microsoft Windows Group Policy Object (GPO) security configurations.
  • VMware functionality and security.
  • Database functionality and security, e.g., Oracle, MS SQL, MS Access.
  • Border device security, e.g., firewall, VLANs, IP Subnetting, Ports and protocols).
  • Encryption standards.
  • Application code scanning with Fortify or other government furnished systems.
  • Metrics capture & documentation.
  • Technical writing, to include technical documents and user training materials.


What We Can Offer You:
  • We've been named a Best Place to Work by the Washington Post.
  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
  • We offer competitive benefits and learning and development opportunities.
  • We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.
  • For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.


Company Overview:

CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.

Similar jobs