Job Number: R0058149
Provide Cybersecurity Risk Management Framework (RMF) Assessment and Authorization (A&A) support for Department of Navy (DoN) systems and serve as a Cybersecurity expert throughout all stages of acquisition, systems engineering, and maintenance processes. Maintain responsibility for Cybersecurity, and cross-domain solution (CDS) analyses and documentation of DoN systems. Perform security analysis of the systems, including pursuing CDS through a government program office, problem reporting and tracking, and documenting resolutions and performance. Ensure system designs and implementations are consistent with intelligence community (IC), DoD, and DoN policies, requirements, and directives, including compliance with Security Technical Implementation Guidance (STIG), Security Requirements Guides (SRGs), and checklists. Review, develop, and modify A&A documentation, analyze the architecture of IT systems for compliance with DoD policies, analyze and execute security test plans, and assess the Cybersecurity risk of IT systems to document them in formal risk assessments. Identify Cyber vulnerabilities and compliance issues. Track system Plan of Action and Milestone (POA&M) updates, work with Information System Security Officers (ISSOs) to remediate existing vulnerabilities or develop mitigation that minimizes impact, likelihood, or risks, and work with the program to incorporate findings into the system POA&M. Liaise with the client during team meetings and one-on-one on the completion of A&A documents.
-2+ years of experience with Navy Cybersecurity, engineering, test and evaluation, or A&A
-Experience with supporting RMF A&A activities, including conducting security control validation and developing and maintaining system authorization packages
-Experience with the development of Cross-Domain Solution Appendixes (CDSAs) for production systems and the CDSA Phase I through CDSA Phase III process
-Knowledge of Top Secret and Below Interoperability (TSABI) or Secret and Below Interoperability (SABI) Cross Domain Solutions (CDS) processes and developing artifacts that support the CDS approval process for production systems
-Knowledge of the Xacta
-HS diploma or GED
-DoDI 8570 certification
-Experience with system vulnerability management or security patch implementation
-Experience with the implementation of National Institute of Standards and Technology (NIST) special publications, federal regulations, and DoD policies
-BA or BS degree in IT, Information Assurance (IA), Systems Engineering, Network Architecture and Design, or related field
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.
Apply on company website