Job Description

Job Summary
Maintain responsibility for managing the security posture of managed federal systems and infrastructure. Maintain responsibility for testing, monitoring, and performing controls for federal Certification and Accreditation (C&A) or Risk Management Framework (RMF) processes, including NIST 800-53. Analyze and implement plans of action that enhance and remediate processes or controls deemed to be insufficient. Use security tools, including Splunk, Nessus, Acunetix, Firewalls, and IDS or IPS to continuously monitor the system environment and leverage expertise with operating these products or similar tools. Analyze system policies and procedures for access control, system audit, configuration management, or change control, contingency planning or continuity of operations, and incident response.
Required Skills

• 5+ years of experience with program or project management and CMMI-based organizational policy implementation
• 5+ years of experience with consulting
• Experience with NIST RMF and 800-53 control framework
• Knowledge of Linux operating systems, Oracle databases, and networking
• Ability to work independently with little oversight, meet tight deadlines, and analyze policy and procedure, as needed
• Ability to perform system risk assessment and system security planning, including documentation
• Ability to assist client, development, and operations teams with security control implementation and conduct security testing, control testing, and assessment per NIST and FedRAMP requirements
• Ability to identify and propose solutions to resolve, mitigate, or compensate for security deficiencies
• Ability to obtain a security clearance
• BA or BS degree
• Possession of excellent documentation and writing skills
• Security+, CISA, CISSP, or CISM Certification a plus

Skills Required