Security/RMF Engineer

Employer
Cyber Defense Technologies
Location
Reston, VA
Posted
Jul 18, 2019
Closes
Jul 21, 2019
Ref
216473505
Industry
Engineering
Hours
Full Time
Clearance Requirements: Must have an active/current TS/SCI and be able to pass a CI Poly. Candidates who do not meet these security requirements will not be considered. Overview: We are currently seeking a Security Risk Management Framework (RMF) Engineer to assist the Chief Information Officer (CIO) to advise and guide projects and programs through the RMF framework, to include aligning and implementing appropriate RMF IC, DoD, and DIA policies and procedures.Clearance Requirements: Must have an active/current TS/SCI and be able to pass a CI Poly. Candidates who do not meet these security requirements will not be considered. Responsibilities: Applies knowledge and understanding of Information Assurance (IA) concepts, practices and procedures using established IC and Agency policies and standards to minimize and/or mitigate RMF security risks. Review and comment on technical documentation to ensure compliance with security standards and regulations. Recommend security monitoring solutions as required to meet IA requirements for RMF. Guide projects and programs through successful assessment and authorization of systems components for Authority to Operate (ATO). Focuses on threats, vulnerabilities and the security of programs and systems. Provides special consideration to intrusion detection, finding and fixing unprotected vulnerabilities, and ensuring that remote access points are secure. Coordinates closely with internal and external stakeholders to support, monitor, test and troubleshoot software and hardware IA problems related to RMF. Identify, develop and implement security standards, procedures and solutions appropriate to RMF environment. Coordinate with DIA IC Enterprise Audit Program to assure RMF's compliance with reporting requirements as mandated by the ODNI/IC CIO. Work with Subject Matter Experts (SMEs) to help identify user audit records to be captured and routed to IC Community Shared Resources using DNI designated process. Establishes, maintains, and audits program IT enterprises infrastructure baseline configuration. Provide IA and RMF services such as System Security Plans (SSP), risk assessment, audit policy, scanning policy, POA&AMs, HBSS implementation, Data interface CONOPS, COOP/DR, IA Cert Checks, and MOU/MOAs Qualifications: Must have at least 5 years' experience with RMF/IA Cyber Security. A bachelor's degree or equivalent training and experience. Master's degree preferred with advanced training in RMF/IA Cyber Security. Preferred Qualifications: CISSP, CompTIA Security+, or other relevant certifications.

Similar jobs