Cyber Risk Management Framework (Rmf) Analyst

CDW Huntsville , AL 35801

Posted 2 months ago

The Risk Management Framework (RMF) Analyst for Cyber position is responsible for the creation, consultation, and ongoing assessment and authorization (A&A) documentation in compliance with Federal Cybersecurity policies and guidelines including DoD 8500 and NIST 800-53 controls. Additionally, the RMF Analyst for Cyber will evaluate information assurance compliance and coordinate program security documentation for various Federal customers.

The Cyber RMF Analyst is an industry recognized thought leader that has mastered multiple NIST/RMF practices. Provides insight and expertise on key solutions to best position CDW's approach, preparation, and delivery of new and emerging solutions.

Key Responsibilities

  • Serves as a subject matter expert to advise for RMF packages, strategies, and technical components to ensure compliance of NIST 800-53 security controls.

  • Serves in a technical leadership role that includes consulting on systems and their plans, design, development, implementation of projects focused on Cyber Security.

  • Develops and maintains strategic relationships with Sales Management of the teams and is seen as a 'go-to person' for cyber security strategies; and is on the forefront of new and emerging solutions and implications offerings and services.

  • Develop and capture the requirements for a government security solution in collaboration with stakeholders.

  • Assess solutions' architectural designs for compliance with NIST 800-53 and DOD related policies for on premise and cloud-based solutions; prepare assessment documentation.

  • Develop security artifacts to support the IA program to include System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), System Design and Installation Procedures, System User Guides, Privileged User Guides, Security Test Procedures and other documents as needed.

  • Support systems through all steps of RMF and enable Gov Client to achieve and or maintain authorities.

  • Review vulnerability scan results at the operating system (OS) and application level and work with stakeholders to architect and implement mitigations.

  • Promotes a culture of knowledge sharing and collaboration by organizing knowledge bases, contributing regularly, and encouraging team members to contribute.

  • Coaches and mentors team members to improve their technical, consulting, and sales skills.

  • Conducts technical assessment and expertise evaluations for candidate selection process.

  • Advises team members and sales prior to customer calls and/or sales strategy session on Course of Action (COA) decisions among competing technologies and solutions

  • Presents technical topics at technology showcase events, such as key-notes at national industry or technology conferences and/or participates on Partner Technical Advisory Boards.

  • Collaborates with Partners, Inside Solution Architects (ISA), and Account Executives (AE) to drive mapped opportunities; fine tunes strategies and approaches to achieve greater sales results.

  • Regularly creates forward-thinking thought leadership deliverables (e.g., external monthly blog posts, internal technical strategy documents); provides insight into emerging technical trends affecting CDW's portfolio; regularly contributes to major industry publications and/or speaks at national conferences

  • Manages competing priorities and sets expectations with sales and other stakeholders through proactive communication, planning, and potential for return on investment.

  • Leads the development of Bills of Materials, Statements of Work, RPFs, RFIs, and proposal content for cross-technology solutions with high levels of accuracy and quality.

  • Maintains pre-sales pipeline data, develops plans, and takes actions to move opportunities to closure.

Qualifications

Minimum Qualifications

  • Bachelor's degree in Computer Science, a related technical degree or equivalent years of relevant military service

  • 8 years of Information Assurance/Cyber experience

  • 8 years of Federal and/or DoD experience

  • DoD/OPM Secret or Top-Secret Clearance

  • DoD 8570 level II IAT Level III (example: CISSP or equivalent).

Other Requirements

  • Familiarity with NSAs commercial solutions for classified (CSfC) Program.

  • Familiarity with Defense Information Systems Agency (DISA) Secure Technical

  • Implementation Guidelines (STIGs)

  • Experience with remediating identified Information Assurance Vulnerability Alerts (IAVAs) within DoD systems

  • Strong organizational skills and excellent attention to details.

  • Abilities to work independently and to manage time effectively.

  • Effective communication skills with an appreciation for the appropriate ways to interact with managers, coworkers, customers and vendors

  • Travel between 25% - 50%

Preferred Qualifications

  • Ability to work off hours as necessary to meet clients' needs

  • Desirable: Security+, CEH, Linux+, AWS Certs, Redhat

  • Knowledge of compliance standards for the organization to include NIST 80053 controls, RMF, 800-53, FEDRAMP, agency specific requirements and emerging IC/DoD polices for Cyber Security with a particular focus on Cross Domain Solutions

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
RMF Cyber Engineer (Isso) (4833987)

Colsa Corporation

Posted 6 days ago

VIEW JOBS 2/22/2020 12:00:00 AM 2020-05-22T00:00 General Summary Develops Risk Management Framework (RMF) Certification and Accreditation documentation, standard operating procedures, policies and security instructions for both networked and stand-alone computer systems and provides oversight and guidance for multiple systems. Responsible for supporting the Cyber Security Program to include but not limited to Cyber Security policy, procedures and regulations to assist with identifying potential Cyber Security issues. Monitor, evaluate, and maintain systems and procedures to safeguard information systems, networks and databases. Implements, enforces, communicates and develops security policies or plans for data, software applications, hardware, telecommunications and information systems security education/ awareness programs. Establishes and satisfies system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands. Candidate will be responsible for serving as an Information Systems Security Officer (ISSO) for systems assigned. Responsibilities of an ISSO include (but are not limited to), maintenance of authorization packages, account management, security auditing and configuration management reporting. Other duties as assigned. Position requires good communication skills with users and co-workers and ability to adapt to a dynamic customer-oriented environment. Required Experience Required Qualifications * Bachelor's degree in related field or equivalent; advanced degree preferred * Minimum of 7 years work related experience * Currently active DoD 8570 Information Assurance IAM-I level certification (Security+ CE) * Must be able to obtain a Computing Environment Certification (Microsoft, RedHat, Linux+, etc) within 6 months of hire if not already possessed. * Experience of determining and assessing vulnerabilities including planning, testing, and documenting (DoD) accreditation packages for Information Technology (IT) systems and networks, specifically within RMF. * Working knowledge of eMASS, ACAS, HBSS, DISA STIGS and STIG-Tools. * Currently active DoD SECRET security clearance required. Preferred Qualifications * Experience applying DISA STIGS, conducting vulnerability audits, security configuration checks, and system configuration scans to meet Cyber Security requirements desired. * Experience deploying and configuring HBSS components. * Knowledge of Information Security and Auditing. * Ability to achieve Certified Information Security Professional (CISSP) or equivalent desired. * Knowledge of Federal and DoD Guidance DoDD 8500.1, DoDI 8500.2, DoDI 8510.01 SP 800-57, SP 800-53, CNSSI 1253. Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin. Colsa Corporation Huntsville AL

Cyber Risk Management Framework (Rmf) Analyst

CDW