Risk Management Framework Specialist - Security Clearance Required

Req ID : 32216

Summary

Risk Management Framework Specialist

Suffolk, VA

Chenega Analytic Business Solutions (CABS) provides federal agencies and commercial customers with trusted insights into Records and Information Management, Administrative Solutions, Information Technology, Engineering, and Training.

Formed in 2017 to serve federal and commercial customers, CABS is 8(a) certified and has grown quickly into a leader in the federal IT and Training environment.

Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer’s core culture?

If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level!

The Risk Management Framework Specialist will provide project management, detailed subject matter expertise, and expert guidance to government personnel in the execution of Command-wide Cybersecurity in support of Defensive Cyber Operations for the US Navy at Navy Cyber Defense Operations Command in Suffolk VA.

Responsibilities

Manage cybersecurity, certification and accreditation and configuration change boards of all NCDOC Classified and Unclassified networks.

Creates, reviews, updates, and validates Cybersecurity Standard Operations Procedures (SOPs) as required.

Reviews and maintains an inventory of authorized software (software custodian).

Reviews and maintains an inventory of devices and media.

Audits and validates configurations deployed on laptops, workstations, and servers.

Audits and validates configurations of network devices based on DISA STIGs, or defining and implementing compensating controls of such STIGs as required to ensure mission execution.

Maintain and update all Risk Management Framework (RMF) and C&A documentation to ensure the relevancy and currency of Navy Red Team assets to include required revisions and updates in eMass.

Conduct comprehensive annual RMF package reviews to ensure continued compliance of the Navy Red Team tool suite and / or Networks.

Ensure traceability is maintained throughout the RMF submission process (e.g. : C&A Plan, POAM, RAR, Topology, Software, Ports Protocols and Services, Test Plan).

Maintain network and system documentation in DITPR-DON / DADMS.

Maintain documentation and registration of Network Ports, Protocols, and Services.

Maintain circuit registrations in the Global Interconnection Approval Process System (GIAP) and Systems / Network Approval Process (SNAP).

Maintain and report on the status of all outstanding C&A items and supporting documentation.

As a member of the Configuration Control Board (CCB), ensures CCB-approved changes are timely and accurately reflected in the C&A documentation.

Support compliance validation of current and future directives (e.g. : IAVs, STIGs, CTOs).

Provide recommendations for corrective action of any non-compliant security controls.

Execute DISA STIG validations for systems in conjunction with C&A package reviews annually.

Provide security expertise to ensure security controls are implemented and the resulting documentation and artifacts are current.

Prepare reports on scanning results and configuration management observations monthly.

Document assessment activities and results in sufficient detail to enable external review of all assessment processes, activities, results, and conclusions.

Conduct and document a semi-annual tabletop exercise (two times) each calendar year.

Produce test plans, draft after actions, and other documents for review and comment.

Review and / or revise Business Impact Analysis (BIA) to include business process, IT dependency, and physical security assessments annually.

Review and analyze IT contingency / disaster recovery plans for NIST and DoN Compliance, and produce checklists for IT systems.

Assist with exercise and / or training and documentation of IT contingency plan and execution.

Maintain a neat, secure, and orderly facility.

Complete annual company and customer training requirements according to established policies and procedures, as required.

Record labor hours daily in an online corporate system.

Travel up to 10% as required.

Other duties as assigned.

Qualifications

High school diploma or GED required.

1+ years of experience with Assured Compliance Assessment System (ACAS) and / or Nessus.

5+ years of Certification and Accreditation (C&A) package assembly experience.

Certified Information Systems Security Professional (CISSP) certification is required.

Risk Management Framework (RMF) training and certification is desired.

Prior appointment as a Fully Qualified Navy Validator is preferred (experience with DOD validation will be considered on a case-by-case basis).

Current CompTIA Security+ required to start.

Must be a U.S. Citizen.

Must possess a valid U.S. driver’s license.

Top Secret / SCI clearance required to start.

Knowledge, Skills, and Abilities :

Ability to work in a team setting, as well as independently.

Self-starter : identify issues and create an action plan for resolution.

Demonstrated initiative, flexibility and ability to concurrently manage multiple deadline-driven tasks and projects.

Excellent communication skills.

Ability to travel up to 10% as requested.

How you’ll grow

At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day.

From entry-level employees to senior leaders, we believe there’s always room to learn.

We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world.

From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers.

Benefits

At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits.

Learn more about what working at Chenega MIOS can mean for you.

Chenega MIOS’s culture

Our positive and supportive culture encourages our team members to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them be healthy, centered, confident, and aware.

We offer well-being programs and continuously look for new ways to maintain a culture where we excel and lead healthy, happy lives.

Corporate citizenship

Chenega MIOS is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our team members, and our communities.

We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.

Learn more about Chenega’s impact on the world.

Chenega MIOS News- https : / / chenegamios.com / news /

Tips from your Talent Acquisition Team

We want job seekers exploring opportunities at Chenega MIOS to feel prepared and confident. To help you with your research, we suggest you review the following links :

Chenega MIOS web site - www.chenegamios.com

Glassdoor - https : / / www.glassdoor.com / Overview / Working-at-Chenega-MIOS-EI IE369514.11,23.htm

LinkedIn - https : / / www.linkedin.com / company / 1472684 /

Facebook - https : / / www.facebook.com / chenegamios /

Chenega Analytic Business Solutions, LLC

Chenega Corporation and family of companies is an EOE.

Equal Opportunity Employer / Veterans / Disabled

Native preference under PL 93-638.

We participate in the E-Verify Employment Verification Program