RMF Cyber Security Analyst - 306210
Indexed description
Job Summary: The RMF Analyst will assist in developing RMF accreditation packages and assist in maintaining Authorization to Operate (ATO) certifications for networked systems and applications used by the organization. The RMF Analyst will assist in the development of information system documentation and the provision of a designated set of common controls for the authorization package, including the executive summary, system security plan, privacy plan, security control assessment, privacy control assessment, and any relevant plans of action and milestones. This system certification documentation must comply with DoD and Civilian Agency policy focused on NIST 800-37, NIST 800-53 rev 4.
Responsibilities:
- Monitor and assess existing Information Security Management and Security Technical Architecture, regulations, and controls (FIPS, NIST, DISN Connection Process Guide(CPG), Navy RMF Process Guide (RPG), Navy Testing Guidance)
- Assess proposed Information Security Management and Security Technical Architecture, regulations, and controls (FIPS, NIST, DISN CPG, Navy RPG, Navy Testing Guidance)
- Maintain regular meetings/notes and informal dialog with RDT&E CORE/LAB managers and ISSOs to keep them abreast of upcoming Information System Security Manager (ISSM) requirements and to gather specifics on their capability and core support requirements and trends
- Maintain records in the Enterprise Mission Assurance Support Service (eMASS)
- Evaluating technical testing from Assured Compliance Assessment Solution (ACAS) scans, Evaluate STIG, eMASSter), and Security Technical Implementation Guide Viewer tool using FMATS or other NAVSEA or DoD-approved toolset
- Monitor security access, passwords, badges, log-ins, to keep a site or system safe
- Use firewalls and information security standards to keep their organization secure
- Perform security assessments, vulnerability testing and risk analysis
- Conduct security audits internal and external
- Identify the cause of security breaches
- DoD Top Secret Security Clearance
- 5+ Years of Experience in Cyber Security
- Cyber Security Workforce level IAM II/III CASP,CISM, or CISSP required
- Bachelor Degree or Equivalent Work Experience
- Familiarity with NIST IT Security Special Publication (SP) 800 Series with emphasis on NIST SP 800-37 and NIST SP 800-53 rev 4/5
- Forensics analysis familiarity
- Experienced STIG reviewer
- Microsoft Visio and Microsoft Project user
- Navy Qualified Validator (NQV) Level II
- Familiarity with ACAS, RedSeal, and Carbon Black
- Familiarity with the Vulnerability Remediation Asset Manager (VRAM) web tool
- Familiarity with the Continuous Monitoring and Risk Scoring (CMRS) web tool
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search