RMF Cybersecurity Analysts

Dark Wolf SolutionsTampa, FL
21h$100,000 - $150,000Hybrid
Match Resume

About The Position

Dark Wolf is seeking RMF Cybersecurity Analysts to specialize in the roles described below including: Information System Security Officers (ISSOs), Vulnerability Managers & POA&M Managers to join a collaborative team to develop, manage, and maintain the security posture of information systems with a focus on Assessment and Authorization (A&A), continuous monitoring and compliance with NIST & RMF. As an ISSO, POA&M Manager and/or Vulnerability Manager you will support your team and customer through authorization process planning, execution, and deployment ensuring high standards of security and compliance. This position will be based out of Arlington, VA with hybrid/remote opportunities at Dark Wolf Locations.

Requirements

  • Bachelor’s Degree in Computer Science or related field
  • 3+ years of relevant Cyber experience
  • Experience as an RMF Engineer, ISSO, Information Assurance Engineer, Vulnerability Manager, POA&M Manager or like specialty
  • Hands-on Tool experience associated to role
  • Experience with NIST 800-53 and CNSSI 1253
  • Experience with risk management policies/procedures, to include DODI 8510.01
  • Ability to use prior experience and knowledge to address new situations; especially during interactions with clients
  • Ability to communicate on technical subjects using clear, concise, non-technical language to include strong written communications, ability to provide written feedback on documents, and ability to prepare briefings
  • 2+ years of demonstrated knowledge and technical skills in: network architecture, configuration of a local area network (LAN), and securing operating systems
  • 5+ years of experience with Microsoft Windows Server, Windows 10, Windows 11, Microsoft Office Suite (Word, Excel, PowerPoint), Apple/MAC OS, Unix/Linux systems, and virtualization software (VMware, Hyper-V, Virtual Box)
  • Experience using vulnerability and compliance assessment tools such as Nessus, SCAP, or App Detective
  • At least one (1) of the following cyber security certifications: Security+ CE, SSCP, CAP, CISM, CASP, CISSP, GSEC, GICSP, GSLC, CEH, CDNA, CSSLP
  • US Citizenship and have a TS/SCI security clearance

Nice To Haves

  • Two (2) or more of the following certifications: Security+ CE, SSCP, CAP, CISM, CASP, CISSP, GSEC, GICSP, GSLC, CEH, CDNA, CSSLP
  • Demonstrated experience giving technical guidance to system administrators
  • Three (3) or more years of experience with the IC Community’s/Sponsor’s A&A process, ICD 503, and NIST Risk Management
  • Any additional certifications relevant to system and cyber security not previously listed
  • Knowledgeable with the Air Force A&A process and requirements
  • Knowledge of SIEM tools such as Splunk/Elastic
  • Knowledgeable with DoD DevSecOps Fundamentals Playbook
  • Experience assessing technical environments and translating implemented security controls into clear NIST SP 800-53 control narratives and supporting Authorization to Operate (ATO) documentation
  • Cloud Platform familiarity with at least one service offering from AWS, Azure, or Google GCP

Responsibilities

  • Implementing cybersecurity best practices and identifying opportunities to improve efficiency and effectiveness
  • Supporting cybersecurity activities through all aspects of the systems’ life cycle from planning, development, and deployment while ensuring proper hardening and security analysis is enforced to protect the Confidentiality, Integrity, and Availability of the environment
  • Supporting the Risk Management Framework (RMF) lifecycle
  • Creating, managing, and maintaining A&A packages
  • Preparing system documentation to include System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Plans of Action and Milestones (POA&Ms), and security artifacts
  • Managing and implementing Continuous Monitoring activities, consisting of periodical reviews of controls, audits, vulnerability scans, and penetration test reports
  • Coordinating proper security control implementation with system administrators and engineers
  • Supporting the entry and maintenance of data into information system security systems of record, such as eMASS or Xacta, as necessary
  • Operating Scanning tools to detect vulnerabilities, misconfigurations, and outdated software
  • Analyzing scan results with the ability to discern between system risks and false positives
  • Prioritizing vulnerabilities
  • Coordinating vulnerability management
  • Compiling system vulnerabilities to include identifying remediation and mitigation requirements with the ability to provide fix actions and compensating controls
  • Tracking deadlines, SLAs, and ongoing statuses of efforts, to include remediation and closures
  • Performing POA&M maintenance
  • Verifying validity and completion of remediation actions, ensuring proper documentation and artifacts
  • Generating reports for leadership and auditors

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Job Search Resources

Similar RMF Cybersecurity Analysts job opportunities

Cybersecurity RMF Specialist
Leidos
Leidos • Odenton, MD12d • Onsite
Cybersecurity Engineer – RMF / A&A
INFORMATION SYSTEMS SOLUTIONS, INC
INFORMATION SYSTEMS SOLUTIONS, INC • San Diego, CA8d • Onsite
Cybersecurity Compliance / RMF Lead (ATO Lead)
Tri-Force Consulting Services, Inc.
Tri-Force Consulting Services, Inc. • Rockville, MD12d • Onsite
RMF/Compliance Specialist
Peraton
Peraton • Fort Meade, MD4d • $112,000 - $179,000 • Onsite
RMF/IA Analyst
SMS Data Products Group, Inc.
SMS Data Products Group, Inc. • Fort Belvoir, VA5d
Supervisor, Accounting Analysts
Lennox International
Lennox International • Marshalltown, IA4d • $90,000 - $117,600 • Onsite
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service