****Note: This position is REMOTE, but candidate must be available for EST conference calls and able to travel (up to 35%) as required by the customer and project leads.
Tops Skills Needed:
1.) Independent Validation & Verification (IV&V) experience
2.) RMF Experience (knowledge of steps 1-5)
3.) Capable of working with key cyber security stakeholders (SCAR and SCA) in an effort to identify risk and communicate best course of action
DoD Secret Clearance Required - **CANNOT hold Top Secret Clearance.
We are seeking Vulnerability Analyst to support an active government contract.
*Support and execute DHA RMF Independent Validation & Verification (IV&V) and Validator responsibilities and deliverables defined by the DHA RMF workflow. These include:
o Review of systems architecture diagrams, hardware/software lists, accreditation boundary documentation, security plans and eMASS records.
o Develop detailed Security Assessment Plans
o Support Development of IV&V cost estimates for
o Execute reviews for and provide feedback to Program Offices within eMASS for Security Plan approvals, Authorization Packages, Risk Assessments and Annual Reviews
* Coordination among various stakeholders, e.g., Security Engineers, Network Administrators, System Administrators, Information Assurance Managers (IAMs) / Information Systems Security Managers (ISSMs), SCA, SCAR, Authorization Officials (and representatives), program managers, vendors, etc., necessary to properly plan and coordinate IV&V and testing requirements for program office authorization efforts.
* Knowledge and experience identifying, assessing, and documenting compliance against applicable DoD IA security controls (technical, management, operational), and DISA Security Technical Implementation Guides (STIGs).
* Familiarity with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus/Tanium) necessary to identify and document compliance;
* Knowledge of and ability to use applicable compliance and accreditation reporting environments (e.g., eMASS, CMRS) to validate compliance and accuracy of a program's RMF package.
* Knowledge of NIST SP 800-53 and 800-37, CNSSI 1254, and other DoD Risk Management policies.
* Experience with Steps 1-5 of the RMF process.
Day-to-day tasks may include the following:
*Develop, update, and/or review RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports
*Assess system compliance against NIST, DoD, and DHA security requirements to include the NIST 800-53 controls, and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
*Produce evidence as necessary to support compliance status of NIST, DoD, and DHA security requirements
*Work with system administrators, engineers, and ISSM to create or update system/site policies, procedures, and process guides
*Coordinate with other system SMEs to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories
*Analyze vulnerability scans of information systems and assist in remediation tasks
*Lead or attend meetings with SDD stakeholders to discuss statuses of efforts
*Submit weekly reports to DHA leadership regarding system/program status
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing process due to a disability, please call -3411 or email .com for other accommodation options.