Cyber Risk Management Framework (Rmf) Analyst

CDW Colorado Springs , CO 80928

Posted 2 months ago

The Risk Management Framework (RMF) Analyst for Cyber position is responsible for the creation, consultation, and ongoing assessment and authorization (A&A) documentation in compliance with Federal Cybersecurity policies and guidelines including DoD 8500 and NIST 800-53 controls. Additionally, the RMF Analyst for Cyber will evaluate information assurance compliance and coordinate program security documentation for various Federal customers.

The Cyber RMF Analyst is an industry recognized thought leader that has mastered multiple NIST/RMF practices. Provides insight and expertise on key solutions to best position CDW's approach, preparation, and delivery of new and emerging solutions.

Key Responsibilities

  • Serves as a subject matter expert to advise for RMF packages, strategies, and technical components to ensure compliance of NIST 800-53 security controls.

  • Serves in a technical leadership role that includes consulting on systems and their plans, design, development, implementation of projects focused on Cyber Security.

  • Develops and maintains strategic relationships with Sales Management of the teams and is seen as a 'go-to person' for cyber security strategies; and is on the forefront of new and emerging solutions and implications offerings and services.

  • Develop and capture the requirements for a government security solution in collaboration with stakeholders.

  • Assess solutions' architectural designs for compliance with NIST 800-53 and DOD related policies for on premise and cloud-based solutions; prepare assessment documentation.

  • Develop security artifacts to support the IA program to include System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), System Design and Installation Procedures, System User Guides, Privileged User Guides, Security Test Procedures and other documents as needed.

  • Support systems through all steps of RMF and enable Gov Client to achieve and or maintain authorities.

  • Review vulnerability scan results at the operating system (OS) and application level and work with stakeholders to architect and implement mitigations.

  • Promotes a culture of knowledge sharing and collaboration by organizing knowledge bases, contributing regularly, and encouraging team members to contribute.

  • Coaches and mentors team members to improve their technical, consulting, and sales skills.

  • Conducts technical assessment and expertise evaluations for candidate selection process.

  • Advises team members and sales prior to customer calls and/or sales strategy session on Course of Action (COA) decisions among competing technologies and solutions

  • Presents technical topics at technology showcase events, such as key-notes at national industry or technology conferences and/or participates on Partner Technical Advisory Boards.

  • Collaborates with Partners, Inside Solution Architects (ISA), and Account Executives (AE) to drive mapped opportunities; fine tunes strategies and approaches to achieve greater sales results.

  • Regularly creates forward-thinking thought leadership deliverables (e.g., external monthly blog posts, internal technical strategy documents); provides insight into emerging technical trends affecting CDW's portfolio; regularly contributes to major industry publications and/or speaks at national conferences

  • Manages competing priorities and sets expectations with sales and other stakeholders through proactive communication, planning, and potential for return on investment.

  • Leads the development of Bills of Materials, Statements of Work, RPFs, RFIs, and proposal content for cross-technology solutions with high levels of accuracy and quality.

  • Maintains pre-sales pipeline data, develops plans, and takes actions to move opportunities to closure.


Minimum Qualifications

  • Bachelor's degree in Computer Science, a related technical degree or equivalent years of relevant military service

  • 8 years of Information Assurance/Cyber experience

  • 8 years of Federal and/or DoD experience

  • DoD/OPM Secret or Top-Secret Clearance

  • DoD 8570 level II IAT Level III (example: CISSP or equivalent).

Other Requirements

  • Familiarity with NSAs commercial solutions for classified (CSfC) Program.

  • Familiarity with Defense Information Systems Agency (DISA) Secure Technical

  • Implementation Guidelines (STIGs)

  • Experience with remediating identified Information Assurance Vulnerability Alerts (IAVAs) within DoD systems

  • Strong organizational skills and excellent attention to details.

  • Abilities to work independently and to manage time effectively.

  • Effective communication skills with an appreciation for the appropriate ways to interact with managers, coworkers, customers and vendors

  • Travel between 25% - 50%

Preferred Qualifications

  • Ability to work off hours as necessary to meet clients' needs

  • Desirable: Security+, CEH, Linux+, AWS Certs, Redhat

  • Knowledge of compliance standards for the organization to include NIST 80053 controls, RMF, 800-53, FEDRAMP, agency specific requirements and emerging IC/DoD polices for Cyber Security with a particular focus on Cross Domain Solutions

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Juior Risk Management Framework Manager

Delta Solutions And Strategies

Posted 2 months ago

VIEW JOBS 1/16/2020 12:00:00 AM 2020-04-15T00:00 N2NOMS Junior Risk Management Framework (RMF) Manager The North American Aerospace Defense Command (NORAD) and United States Northern Command (USNORTHCOM) (N&NC) Network Operations and Maintenance Support services (N2NOMS) contract is designed to provide N&NC Information Technology (IT) support and encompasses Service Operations and Support. The contractor shall provide professional, administrative, technical, and management support for the N&NC Cyberspace Operations Directorate (N&NC/J6) to support the enterprise IT services provided by the N&NC/J6 in support of N&NC missions. Primary Responsibilities * Communicate clearly and succinctly both written and orally, and present products and ideas in a business-like manner * Work in dynamic fast paced environments that require team interaction and coordination of efforts * Provide management support to the RMF for NIPR/SIPR & Coalition networks under the purview of the Command * Help manage and maintain the RMF assessment and Authorization program * Develop, update, organize, maintain, and track RMF documentation using information obtained from the customer * Prepare test plans * Provide assessment and authorization (A&A) support in the development of security and contingency plans and conduct complex risk and vulnerability assessments * Analyze policies and procedures against DoD security policies and regulations and provide recommendations for closing gaps * Develop and complete system security plans and contingency plans * Recommend system enhancements to improve security deficiencies * Interface with both client managers and system users * Provide remote support and/or travel to customer sites as required * Perform other duties as assigned * Will report to the RMF Lead Basic Qualifications * Must hold current and active Top Secret/SCI Clearance and be able to maintain * BA/BS +4 years, AA/AS + 2 years, or a major cert + 5 years, or 2-5 years of recent specialized experience * Position requires DOD 8570 IAM II and fulfillment of role as ISSO * RMF Certification or equivalent * Expert level experience with DoD IT security requirements * Expert level experience in Certification and Accreditation (C&A) process and development of Risk Management Framework (RMF) certification packages Preferred Qualifications * ITIL v3 Foundation * DOD 8570 IAM III * Certified Ethical Hacker (CEH) * Microsoft Certified Solutions Associate (MCSA) * Cisco Certified Network Associate (CCNA) * Experience in network access control, intrusion prevention and detection systems, firewalls, routers, incident response, information security methods, and risk management * Working knowledge of supporting Operating Systems: Windows Server 2008-2016 and Windows 10, VMWare vSphere, Solaris 10-11, Red Hat Enterprise Linux Thank you for considering a career with Delta Solutions & Strategies. If you have never applied for a position through our online portal, and would simply like to send us your resume and a general application to consider for possible future opportunities, please apply now. After you have completed your application an email will be sent to you with information about how to check the status of your application. We are an Equal Opportunity Employer. We do not and will not discriminate in employment and personnel practices based on race, sex, age, disability, veteran status, religion, national origin or any other basis prohibited by applicable law. Hiring, transferring, and promotion practices are performed without regard to the above listed items. EEO/AAP, M, F, V, D By applying for this position, you authorize Delta Solutions & Strategies to share your resume with our subcontractors, as we deem necessary. Delta Solutions And Strategies Colorado Springs CO

Cyber Risk Management Framework (Rmf) Analyst