Leidos is seeking a Department of Defense (DoD) Risk Management Framework (RMF) expert to lead various IT security risk management tasks and policy oversight across the Defense Threat Reduction Agency (DTRA) in a high-paced, dynamic environment.
Responsibilities and tasks may include some or all of the following:
- Running ACAS scans, SCAP scans and manually going through STIG checklists.
- Very strong technical experience on Microsoft.
- Helping with the preparation of the Security Assessment Plan.
- Expert with a complete security control validation and assessment of a system or network to address known threats and vulnerabilities. The evaluation must consider and identify impacts as well as consideration of existing risk mitigation strategies.
- Developing Plan of Action and Milestones (POA amp;M) based on the assessment results.
- Ensure traceability of all vulnerabilities from raw assessment results to the POA amp;M.
- Conducting required vulnerability analysis to support mitigation and residual risk determination.
- Assisting with eMASS data entry requirements.
- Supporting the continuous monitoring program as necessary when Information System Continuous Monitoring (ISCM) results will be used to support continuing authorization requirements or ongoing authorizations.
REQUIRED SKILLS AND EDUCATION:
10+ years of direct experience.
Active TS security clearance or higher.
Expert with RMF accreditation packages.
Experience in all steps of the RMF process.
Expert in evaluating security controls and compliance on a variety of hardware and software systems.
Expert with eMASS.
Ability to work effectively independently as well as within a team environment.
Experience with assessing ACAS scans and importing into eMASS.
Demonstrated a strong work ethic and ability and willingness to take on new challenges.
Experience with writing SSPs.
External Referral Eligible