RMF Cybersecurity Engineer (ISSE)
An RMF Cybersecurity Engineer must have a thorough understanding of the RMF process and familiarity with IT/network technologies. Thus, the ISSE is expected to provide technical support to perform Navy RMF Steps and assist with the planning, development, implementation, assessment, and validation of the systems to correctly implement the selected security controls and conform to Navy RMF package processing requirements.
Duties and Responsibilities:
- Experience and thorough understanding of Risk Management Framework (RMF) lifecycle to include a working knowledge of the each of the stages within the process
- Support client risk management activities including Security Test and Evaluations (ST&E), system documentation, authorizations, risk assessments, third party audits, compliance with NIST 800-53, and threat assessments in accordance with RMF lifecycle and processes.
- Plan and monitor security control implementation for the protection of networks, enclaves, and information systems.
- Generate and interpret ACAS scans to identify system vulnerabilities and monitor remediation efforts or mitigation strategies.
- Working knowledge and experience implementing and evaluating manual Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), SCAP Compliance Checker (SCC), and eMASSter.
- Working knowledge of common assessment & authorization (A&A) application platform e.g. eMASS.
- Five (5) years’ experiences with cybersecurity methodologies, tools and best practices.
- Three (3) years’ experience supporting C&A/A&A processes.
- BS in Information Systems, Information Assurance, Computer Science, or equivalent technical degree or 5 years of relevant experience.
- Security+, Network+, or other IAM Level II certifications required.
- Linux OS knowledge (preferred)
- An active Secret Clearance
Start Date: Fall 2022
Job Type: Full-time