Leidos is seeking a Department of Defense (DoD) Risk Management Framework (RMF) expert to lead various IT security risk management tasks and policy oversight across the Defense Threat Reduction Agency (DTRA) in a high-paced, dynamic environment.
Responsibilities and tasks may include some or all of the following:
- Running ACAS scans, SCAP scans and manually going through STIG checklists.
- Very strong technical experience with Microsoft.
- Helping with the preparation of the Security Assessment Plan.
- Expertise in complete security control validation and assessment of a system or network to address known threats and vulnerabilities. The evaluation must consider and identify impacts and take existing risk mitigation strategies into account.
- Developing Plan of Action and Milestones (POA&M) based on the assessment results.
- Ensuring traceability of all vulnerabilities from raw assessment results to the POA&M.
- Conducting required vulnerability analysis to support mitigation and residual risk determination.
- Assisting with eMASS data entry requirements.
- Supporting the continuous monitoring program as necessary when Information System Continuous Monitoring (ISCM) results will be used to support continuing authorization requirements or ongoing authorizations.
REQUIRED SKILLS AND EDUCATION:
Experience with RMF accreditation packages.
Experience in all steps of the RMF process.
Expert in evaluating security controls and compliance on a variety of hardware and software systems.
Experience with eMASS.
Excellent communication skills.
Ability to work effectively independently as well as within a team environment.
Experience with assessing ACAS scans and importing into eMASS.
Demonstrated strong work ethic and the ability and willingness to take on new challenges.
Experience with writing SSPs.
Active Top Secret Clearance or higher.
AS degree with 10+ years of experience or
BS degree with 8+ years of experience or
MS degree with 6+ years of experience.
External Referral Eligible