Job Description:

Job OverviewIncrease your chances of an interview by reading the following overview of this role before making an application.Develop and maintain a classified Information Systems (IS) Security ProgramReview, prepare, and update Authority-to-Operate (ATO) packages in accordance with RMF requirements and customer specific policy, procedures, and guidelinesIdentify, communicate, and coordinates changes that might affect IS Security Authorization status with government sponsor representatives (IA, SCA, etc.)Perform routine self-inspections, provide security coordination and review of system test plansScan for and identify system vulnerabilities and work with technical subject-matter experts (SME) to identify and implement countermeasuresCoordinate, prepare, and track system inspections, reports, and responsesDeploy and configure compliance scanning tools in support of continuous monitoring processes Conduct manual SRG/STIG checklists and remediation. Maintain IS security records and support the development of technical documentation which may include Interconnection Security Agreements (ISA) / Memorandums of Understanding (MOU), System Security Plans (SSP), etcPrepare reports on the status of security controls and safeguards applied to computer systems. Ensure information systems are operated, maintained, and disposed of in accordance with established security policies, procedures, standards, and guidelines Requirements:Familiarity with e-MASS, NIST 800-53 and supporting classified environments. The ability to work in a dynamic environment and efficiently interact with various government entities, government/civilian personnel, and industry partners. Comfortable working hands-on with networks, computers, and performing basic administration tasks such as password resets or adding/removing Active Directory (AD) users. Experience with supporting RMF requirements for the authorization and reauthorization of classified systems. Active DoD Top Secret/SCI clearancePreferred Qualifications:Familiarity with ICD-503 requirementsIAM Level III equivalent certification, such as CISSP or CISMExperience with COTS tools such as Nessus, Splunk, etc. Strong familiarity with SAP/SAR environments.Familiarity with CMMC requirements and/or GRC platforms like FutureFeed