ALL NATIVE GROUP
Receive alerts when this company posts new jobs.
RMF Analyst #1300
at ALL NATIVE GROUP
- Subject Matter Expert (SME) in a wide range of information technology and applications; familiarity and experience in system design and administration, network, operating system, planning of hardware maintenance and upgrades; planning changes to network hardware, operating systems, and attached devices
- Working with analytic tools, as well as a thorough knowledge of internet communication protocols; create and execute security test plans; ability to advise top management on new developments and advanced cybersecurity techniques.
- Craft artifacts and formulate RMF packages in a Department of Defense (DoD) Information Technology (IT) environment that shall detail system architecture, system configuration, review and analysis of system implementation plans.
- System assessments, audits, reviews, and contingency testing. The person must have experience in a position demanding strong verbal, written and interpersonal communication skills and the ability to: read, analyze, and interpret technical procedures and regulatory requirements; write reports, business correspondence, and procedure manuals.
- Conduct assessments of the RMF impacts of planned functionality and/or architectural changes.
- Identify corrective actions/mitigation strategies to achieve/sustain RMF compliance.
- Experience in the DHA organization is required.
- 5+ years of experience in a RMF Analyst and/or Security Engineer (SE) position, participating in SDLC and Agile actions which resulted in repeatable processes to secure the AIS and achieve/sustain RMF compliance while providing RMF consultation and technical, executable actions, guidance and training.
- 5 years+ of demonstrated experience in crafting RMF source artifacts detailing authentication and authorization concepts, role-based access control to reduce "insider threat" via the "least privilege" concept, system administration guides, incident response and handling.
- 3 years+ of demonstrated experience with performing RMF assessments and mitigations on VMWare, Windows, AIX, Linux, Solaris, Oracle, MS SQL -- database hardening.
- 5 years of hands-on experience with assessment tools including: Fortify, WebInspect, App Detective, DISA Security Requirements Guides (SRG), and DISA Security Technical Implementation Guides (STIGs).
- Experience is required in the use of SDD assessment tools (Fortify, Appdetective, WebInspect, ACAS, and DISA STIGs/SRGs/Checklists) and analysis of the assessment tool results.
- Experience in eMASS and all related modules, to include asset manager.
- Experience utilizing system development lifecycle (SDLC) and Agile methodologies.
- Recent experience in the selection, implementation, validation, and establishment of baseline of Defense Information Systems Agency (DISA) Control Correlation Identifiers (CCI).
- Experience writing RMF assessment scripts and Contingency test plans.
- Experience in the development of responses to Plans of Action & Milestones (POA&M) which account for confidentiality, integrity, and availability.
- Cert: DoDI 8510.01 (DoDM 8570.01-M) IAM Level-III certification.
- Bachelor’s degree in Computer Science, Information Systems, Management Information Systems (Cybersecurity or Cybersecurity concentration is desirable).
- Active SECRET security clearance.
The ALL NATIVE GROUP companies offer a rewarding career experience. In addition to dynamic career opportunities, we provide competitive salaries, excellent benefits, retirement funding, as well as ongoing training and professional development.
We are committed to providing the best possible climate for maximum development and goal achievement for all our employees. As subsidiaries of a Native-owned corporation with offices around the world, ALL NATIVE GROUP companies are proud to promote an inclusive and diverse workplace and respect the cultural traditions in the communities where we operate.
The ALL NATIVE GROUP companies are an equal opportunity employer. All applicants are considered without regard to age, sex, race, national origin, religion, marital status or physical disability. However, preference may be extended to persons of Indian descent in accordance with applicable laws.
EOE/M/F/Vet/Disabled/Sexual Orientation/Gender Identity/Drug Free Employer
SBA 8(a), SDB Certified, HubZone, Buy Indian Certified Native American Tribally-owned company
Pay Type: Salary
Location: Falls Church, VA, USA