Overview: We are currently seeking a Security Risk Management Framework (RMF) Engineer to assist the Chief Information Officer (CIO) to advise and guide projects and programs through the RMF framework, to include aligning and implementing appropriate RMF IC, DoD, and DIA policies and procedures.
Clearance Requirements: Active TS/SCI clearance with CI Polygraph. Candidates who do not meet this clearance requirement will NOT be considered. Candidates who currently possess TS/SCI and are in need of a polygraph will be considered on a case-by-case basis.
- Applies knowledge and understanding of Information Assurance concepts, practices and procedures using established IC and Agency policies and standards to minimize and/or mitigate RMF security risks.
- Review and comment on technical documentation to ensure compliance with security standards and regulations.
- Recommend security monitoring solutions as required to meet IA requirements for RMF.
- Guide projects and programs through successful assessment and authorization of systems components for Authority to Operate.
- Focuses on threats, vulnerabilities and the security of programs and systems.
- Provides special consideration to intrusion detection, finding and fixing unprotected vulnerabilities, and ensuring that remote access points are secure.
- Coordinates closely with internal and external stakeholders to support, monitor, test and troubleshoot software and hardware IA problems related to RMF.
- Identify, develop and implement security standards, procedures and solutions appropriate to RMF environment.
- Establishes, maintains, and audits program IT enterprises infrastructure baseline configuration.
- 5+ years' experience
- A bachelor's degree or equivalent training and experience
- CISSP, CompTIA Security+, or other relevant certifications.