RMF/IT Analyst - Military veterans preferred

2020-01-15
Frontier Technology, Inc. (www.fti-net.com)
Other

/yr


Norfolk
Virginia
United States

Overview
FTI is looking for a Technical Analyst professional to join our team. Our culture revolves around the 4C’s: Core Values, Commitment, Compassion, and Charity. It is very important to us to show our Passions for our Employees and Customers while showing Love to our Neighbors in the Community. Why choose us? OUR PRODUCTS AND TECHNOLOGIES ARE EXCITING!Many of these have come from significant investments via the Small Business Innovative Research (SBIR) culture; they truly empower our customers to feel confident in how their organizations are supported.
Responsibilities
Responsibilities:
Perform a variety of Information Assurance (IA) functions which are broad in nature to include, but not limited to, audit/inspection, infrastructure support, Assessment and Authorization (A&A), vulnerability management, detection and response support services
Provide support for a program, organization, system, or enclave’s information assurance program
Provide security certification test and evaluation of assets, vulnerability management and response, security assessments, and customer support
Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies
Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed
Assist with the management of security aspects of the information system and performs day-to-day security operations of the system
Responsible for development of Risk Management Framework (RMF) packages for the A&A of both new and existing networks, labs, and programs of record
Validate RMF packages for the A&A of both new and existing networks, labs, and programs of record
Influence the system requirements and design processes to incorporate the identification of Cyber requirements.
Suggest architecture solutions to the systems that support both the functional requirements of the systems and Cyber or IA requirements
Responsible for identifying applicable security controls and analyzing assessment procedures to validate the controls
Assist in developing POA&Ms for non-compliant controls
Create, update, and assess compliance of various systems to align with DoD/DoN standards and requirements
Ensure reports are maintained and that security vulnerabilities are tracked and remediated
Provide information security expertise to system development teams throughout the lifecycle process
Must be able to interface with other teams to create an overall solution to meet A&A requirements.
Other tasks may include but are not limited to:
Test HW/SW products with total solution level verification
Identify the root cause of complex problems from an A&A perspective and provide the deliverables to assure ATO acceptance
Possess excellent verbal and written communication skills, A&A artifact generation, and solution concept and design
Develop deliverables in order to meet customer’s written requirements while meeting security requirements as outlined in Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs)
Education/Qualifications
Requirements:
Experience in Information Assurance IT Security
Extensive knowledge of DIACAP and/or RMF and other risk assessment frameworks
Experience in using Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS), and implementing DISA STIGs
In-depth knowledge of the Cyber Security and Information Assurance requirements as described in the DOD DOD 8510.01 and NIST 800-53
Experience with development and submission of RMF package
Expert knowledge with approved NIST and DOD policies
Bachelor’s degree in Computer Science, Mathematics, Engineering, Business or related fields, or the equivalent combination of education, technical training, or work/military experience
0-4 years of experience
DoD 8570.01-M IAM-I compliant Professional Certification (e.g., CAP, GSLC, or Security+)
Must be proficient with the use of MS Office Suite (MS Project, Word, OneNote, Access, Visio, PowerPoint, and SharePoint)
Self-motivated, well-organized and detail oriented
Preferred:
Previous experience working as an Information Systems Security Officer (ISSO)
Master’s degree in Network Engineering, Cybersecurity, Computer Science or related field
DoD 8570.01-M IAM-III compliant Professional Certification (e.g., CAP, GSLC, CISM, CASP CE, or CISSP)