More jobs:
Job Description & How to Apply Below
Key Responsibilities:
Serve as the primary Subject Matter Expert (SME) for all aspects of the Assessment and Authorization process in accordance with the DoD Risk Management Framework (RMF) model. Lead the effort utilizing Enterprise Mission Assurance Support Service (eMASS) to document activities, including implementation of all applicable security controls as identified via information system security categorization in accordance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 and Committee on National Security Systems Instructions (CNSSI) 1253.
Test and apply security controls based on security categorization, the application of overlays (privacy, classified, intel, etc.) and security control tailoring (AI, NOFORN, etc.). Collaboration with team leads, system owners, developers, and other key stakeholders to ensure security requirements are integrated throughout system design and implementation. Conduct active and passive reconnaissance of data, with the ability to assess and author Plans of Milestones and Actions (POA&Ms) containing accurate and verifiable mitigation statements, milestone tracking, and applying to the most relevant security control.
Development of comprehensive required A&A documentation, including System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Reports (SARs), etc. Adherence to the eMASS scheduled tasking within the accreditation cycle, including Quarterly Independent Verification and Validation (IV&V), quarterly STIG checks, Annual Security Review (ASR), monthly POA&M updates, and resubmission for ATO, ATC, IATC and IATT as applicable. Maintenance of DISA circuit connections (CCSDs), inheritance from accredited systems and cloud service providers, and the workflow schedule on accreditations.
Certifications (IAT Level III) One of the following:
CompTIA Advanced Security Practitioner (CASP CE) Cisco Certified Network Professional Security (CCNP Security) Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) GIAC Certified Enterprise Defender (GCED) GIAC Certified Incident Handler (GCIH
Functional area
training certificates (required prior to start date): DISA eMASS Computer Based Training Annual Cyber Awareness Training Required Skills and Experience A Master’s of Cybersecurity or related degree, or 10 years of experience in cybersecurity analysis with an understanding of applicable laws, acts, policies, protocols, and regulations. At least 5 years of experience related to DoD cybersecurity policies, procedures, and related directives including Task Orders, Executive Orders, Operational Orders, OPSEC, OSINT, etc.
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×