Full-time
Risk Management Framework (RMF) Specialist - BNL, Inc - Patuxent River, MD

Position Summary
Support DoD and federal clients as a Risk Management Framework (RMF) process engineer providing direct support to the customer in their efforts to achieve and maintain Approval to Operate for their fielded information systems.

Functional Roles & Responsibilities
Provide analysis and security assessments to ensure client information systems are compliant with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 guidance as well as client-specific guidance and policies.
Assist with the preparation, development, modification, and management of the documentation required to complete ICD 503 and DoDI 8510.01 RMF processes.
Conduct applicable NIST Risk Management Framework (RMF) processes and procedures for client information systems and coordinate with various shareholders and system engineers who test, implement, and install the systems to implement an adequate security infrastructure.
Identify, implement and assess appropriate security controls to provide mitigation strategies to reduce risk and improve the security of the system.
Prepare, review and coordinate documentation required to complete ICD 503 and DoDI RMF processes.
Analyze security policies, plans, and other relevant documents to ensure RMF accreditation packages are complete.
Address specific actions taken or planned to correct deficiencies in the security controls and to reduce or eliminate known vulnerabilities in the information system.
Develop and coordinate for review all documentation associated with an A&A package.
Develop Plans of Action and Milestones for addressing vulnerabilities in target information systems. These may include, for example, contingency plans, rules of behavior, incident response plans, etc.
Ensure all A&A documentation support conforms to the Government-approved Standard Operating Procedure (SOP)/annual work plan or individual work requests agreed to with the Contracting Officer's Representative (COR) or designee and is consistent with the NIST guidance.
Maintain proficiency with appropriate guidance related to securing and accrediting information systems.
Establish sufficient technical proficiency with the target information system(s) to properly advise clients on strategies for effectively securing information systems.

Qualifications
Bachelor's degree in Engineering, Telecommunications, Cybersecurity, Information Technology or other computer science related discipline and 1-2 years' related experience.
Experience in cybersecurity with a focus in RMF, A&A processing, and POA&M Management on a DoD program.
Ability to perform IAVA analysis and resolution, document POA&Ms and create security documents necessary for assessments.
Knowledge of control frameworks and external compliance regulations/standards such as ICD 503, NIST 800-53, DoDI 8510.01, NIST 800-82, ISO 27001, COBIT, etc.
Familiar with system and application STIGs.
Must have and maintain at least one of the following certifications: CISSP, CISA, SICCP, CEH, CRISC or equivalent designation.
Experience in working with a GRC tool (eMASS preferred).
Strong analytical, organizational, and time management skills.
Ability to drive action to achieve results with minimal direction and lead others.
Must maintain DoD Top Secret clearance.
Must be able to effectively articulate complex security concepts to clients, non-technical management and other team members.
Experience in cybersecurity with a focus in RMF, A&A processing, and POA&M Management.

***Applicants must have an active US Government Top Secret security clearance and have been granted access to Sensitive Compartmented Information (SCI) within the last two years, based on a Single Scope Background Investigation (SSBI)***

Additional Desired Qualifications
Experience serving as an Information Systems Security Officer (ISSO).

Clearance Level: Top Secret / SCI
Potential for Teleworking: No
Classification: Exempt
Shift: Day
Schedule: Full-Time

AN EQUAL OPPORTUNITY EMPLOYER
BNL, Inc. is an Equal Opportunity Employer. All applicants and prospective employees will receive consideration without discrimination because of race, color, religion, creed, gender, national origin, age, disability, marital or veteran status, sexual orientation, or any other legally protected status.

Job Type: Full-time
Education: Bachelor's (Required)
License: DoD Top Secret Clearance (Required)
