Cybersecurity Assessment & Authorization SME

About The Position

Requirements

• Must be a U.S. Citizen.
• Possess five (5) years of relevant Risk Management Framework (RMF) and NIST Assess & Analyze (A&A) experience.
• Possess DoD cybersecurity experience.
• Possess experience in assessing security controls and conducting authorization reviews for large, complex organizations.
• Possess experience in the general tenets supporting the overall DoD implementation of its authorization process, to include supporting cybersecurity policy, procedures, and processes.
• Possess knowledge in the cybersecurity of emerging technology areas such as Cloud and Industrial Control Systems (ICSs), warehouse execution systems and Operational Technology (OT) infrastructures.
• Must possess IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) at time of proposal submission.

Nice To Haves

• Possess excellent analytical and writing skills
• Possess Microsoft Office programs (Excel, Word, PowerPoint, MS Project, etc.) knowledge.
• Possess experience working with DoD/DLA.

Responsibilities

• Performs a DOD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization.
• Possesses an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing a large organization’s IT infrastructure such as DLA’s, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes.
• Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control).
• Determines the possible ramifications on the system’s current or future authorization.
• Briefs senior management on the progress or results of an information system undergoing the Risk Management Framework (RMF) process.

Benefits

• health, dental, vision, life, and disability insurance
• a great 401(k) package
• generous Paid Time Off