Essential Job Functions:
Responsible for various IA requirements of the Government client in the Department of the Navy (DON) environment to secure computing through RMF processes and procedures. Perform the duties of an Information Systems Security Engineer (ISSE) and Information Systems Security Officer (ISSO) in cradle-to-grave authorization boundary project planning and execution activities.
Conduct security vulnerability assessments of systems and networks and provide technical recommendations and guidance on mitigating risks. Perform Information Assurance Vulnerability Management (IAVM) compliance and reporting; security control analysis, testing, and compliance reporting; author and maintain A&A artifacts/documentation; conduct regular user security-awareness training; work with the client to ensure all PHYSEC/OPSEC/COMSEC/TEMPEST guidance is met. Maintain Department of the Navy Application and Database Management System (DADMS) information for client software lists.
Due to the sensitivity of customer-related requirements, U.S. Citizenship is required.
A high school diploma with 5 years of IT experience is required.
Must be able to obtain and maintain a security clearance for the duration of employment.
Experience with reviewing DISA Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs) or Security Readiness Review (SRR) scripts and evaluating them against Information Technology (IT) systems.
A current DoD 8570.01-M Information Assurance Manager (IAM) Level I certification is required or must be completed within the first six months of hire.
Must have knowledge of standalone and closed-loop non-Department of Defense Information Network (DoDIN) authorization requirements.
Enthusiastic, experienced and teachable Cybersecurity/Information Security professional with Risk Management Framework (RMF) assessment and authorization (A&A) and hands-on Information Assurance (IA) operational experience.
Must be able to provide exemplary customer support as well as achieve a high level of regulatory compliance in a security sensitive environment.
Must be able to manage multiple tasks across different departments.
Bachelor's Degree in an IT discipline.
2+ years of RMF experience (hands-on developing A&A packages, reviewing NIST 800-53 security controls for DoD systems, and performing risk assessments to develop a plan of actions and milestones (POA&M)).
1+ year experience conducting Navy A&A validations (Entry/Intermediate/Fully-Qualified Navy Validator).
System Administrator experience with DoD systems (Information Assurance Technical (IAT) Level I/II/III certifications).
Experience with vulnerability assessment automated tools (Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) tools, Host Based Security System (HBSS) tools).
Experience with using the Enterprise Mission Assurance Support Service (eMASS) tool.
Experience with Operational, Research Development Test & Evaluation (RDT&E)-connected DoDIN and Platform IT (/interconnect