Start Date: ASAP (onboarding can take 2-4 weeks)
Project Length: 15-18 months
Key duties of the positions include:
· Support the Cybersecurity Division (CSD) Assessment and Authorization (A&A) branch.
· Use SharePoint and other collaboration tools to collect, monitor, and manipulate C&A documentation through the collection, review, approval, and final distribution processes.
· Validate and upload RMF documentation into the Enterprise Mission Assurance Support Service (eMASS) portal.
· Work closely with government representatives for the validation, approval, and upload of information and artifacts into eMASS.
· Process Plans of Action and Milestones (POA&Ms) and Risk Acceptance documentation.
· Review POA&Ms and Risk Acceptance documentation for clarity, detail, and technical accuracy, as needed.
· Support Cybersecurity IT internal and embedded inspection teams.
· Enter/manage data in the Army Portfolio Management Solution (APMS) registry and associated Assessment and Authorization (A&A) requirements for annual Federal Information Security Management Act (FISMA) reporting.
· Support the Cybersecurity Division (CSD), staff, and senior management in areas of Risk Management Framework (RMF) for DoD IT, DoD/Army Regulations, Incident Response, Software Assurance, and related Cyber disciplines.
· Participate in regular Contingency of Operations (COOP) exercises.
· Work closely with representatives from other divisions and branches (IT, Networking, etc.) to request information, provide clarification, and validate findings, evidence, and POA&M statements.
· Maintain and meet deliverable schedules. Must be proactive in obtaining information from multiple internal and external teams to complete requirements on schedule.
Additional details of positions will be provided to qualified applicants.
· Minimum 2 years’ experience in Cybersecurity as a primary job duty.
· Hands-on eMASS experience is required.
· Certification and Accreditation experience with major network systems and processes required.
· Thorough understanding of NIST Special Publication 800-53 Revision 4 and the RMF Process.
· Familiarity with Committee on National Security Systems Instruction (CNSSI) 1253 and overlays.
· Working knowledge of Army Regulation 25-2 and DoD 8500 series instructions.
· Demonstrated ability to support NIST RMF (Risk Management Framework) in a DoD environment.
· Requires excellent English verbal and writing skills including report generation, presentations, and technical writing.
· Highly organized with the ability to independently maintain schedules and meet deadlines.
· 5+ years’ experience in Cybersecurity, Information Security, or related field.
· 3+ years’ experience supporting NISPOM, DIACAP, DCID, RMF or related Certification and Accreditation processes.
· Knowledge of FISMA, NIST, vulnerability management, incident response and other cybersecurity topics.
· Experience with physical security aspects of Army Information Systems to include proper labeling, spacing, and storage of media and devices.
· Recent experience supporting Army CCRIs and SCA Validations under RMF.
· Understanding of data handling privacy standards to include PII and PHI.
· Familiarity with DISA Security Technical Implementation Guides (STIGs).
· Experience writing/developing System Security Plans (SSP) and Tenant Security Plans (TSP).