Tech Stack

Description

You will join a team reviewing and assessing Risk Management Framework (RMF) authorization body of evidence for classified information systems. You will review systems for technical compliance with IA directives and protection of data at all classification levels including SCI, advise on security design reviews and threat/risk assessments, and provide inputs to technical artifacts like POA&Ms, SCTMs, and RARs. This role supports federal government missions to make the nation stronger and safer.

Requirements

• DoD 8570 IAT Level II certification or higher (Sec+, CISSP, CASP, etc.)
• 5 years of implementing NIST 800-53, Rev 4 and/or the Risk Management Framework (RMF)
• 5 years of experience with Windows and/or Linux environments
• 5 years of experience with virtualization or cloud environments
• 2 years of using information security and assurance practices and principles
• Must have an active TS/SCI level clearance

Responsibilities

• Review new and existing systems for technical compliance with IA directives and protection of data at all classification levels including SCI
• Advise on in-depth security design review and threat/risk assessments
• Provide inputs to technical artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs)
• Conduct site visits (as required) and assessments to inspect IA plans and security control implementations and support Incident Response Team (IRT) activities