Posted by: Logistics Systems Inc on Sep 03, 2020
Location:
Remote , DC 20005
Job Description:
Experience:
Five (5) years of relevant C&A; Risk Management Framework (RMF), DOD cybersecurity experience
Experience in assessing security controls and conducting authorization reviews for large, complex organizations
Serves as a Cyber-Security Subject Matter Expert (SME)
Job Description:
Serves as a cybersecurity Subject Matter Expert (SME) with regards to the Authorization of information systems and all associated cybersecurity policies and procedures.
Fully versed in the general tenets supporting the overall DOD implementation of its authorization process, including supporting cybersecurity policy, procedures, and processes.
Performs a DOD cybersecurity process while either authorizing an information system or serving as an SME for an information system undergoing authorization.
Possess an understanding of how the security controls identified in the NIST 800-53 to apply to the process of assessing and authorizing a large organization's IT infrastructure such as DLA's, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes.
Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determines the possible ramifications on the system's current or future authorization. Required to brief senior management on the progress or results of an information system undergoing the authorization process.
The following are a sample of the cybersecurity activities and tasks that will be performed by the candidate to maintain the security posture of networks, information systems, and applications:
Draft documentation as applicable (i.e. System Security Plan (SSP))
Categorize and register systems
Execute Common Control Analysis
Draft system-level continuous monitoring strategy.
Conduct reviews and analysis of the security plan and continuous monitoring strategy
Implement control solutions consistent with DoD and DLA cybersecurity architectures.
System Technical Implementation Guide (STIG) configuration execution and/or validation.
Develop and execute a security assessment plan.
Assess and validate security control compliance.
Draft supporting assessment documentation (Security Assessment Report (SAR), Risk
Assessment Report (RAR), etc.).
Execute initial remediation actions
Submission of the Security Authorization Package (i.e. Security Plan, Security
Assessment Report (SAR), and POA&M) to the Authorization Official (AO).
Determine the impact of changes to the system and environment (Software Life Cycle (SLC) monitoring).
Cybersecurity Vulnerability Alert (IAVA) monitoring (i.e. Execution, results analysis, compliance determination, POA&M documentation, resolution monitoring).
Assured Compliance Assessment Solution (ACAS) scan monitoring (i.e. Common
Vulnerabilities and Exposures (CVE's) (i.e. Execution, result analysis, compliance determination, POA&M documentation, resolution monitoring.
Assess selected controls at least annually and in accordance with DLA continuous
monitoring program and/or as determined by regulatory and statutory auditing requirements
Logistics Systems Incorporated is an Equal Opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, national origin, color, religion, sex, sexual orientation, gender identity and expression, disability, protected veteran status, or any other protected class.
Education Level:
Bachelors degree or higher
Pay Rate:
Commensurate with experience
HR. Website URL:
https://logistics-sys.com/current-openings/
Security Clearance:
Secret
Travel Requirements:
None