RMF Engineer with Security Clearance - Charleston, SC, United States - acuCyber

    acuCyber
    acuCyber Charleston, SC, United States

    2 weeks ago

    Default job background
    Technology / Internet
    Description
    The Assessment and Authorization (A&A) SME will manage customer-required Risk Management Framework (RMF) efforts for Department of Defense (DoD) customers
    This role will work collaboratively with Information Technology (IT) Engineers and System Administrators to conduct Cyber Security (CS) analysis, mitigation, remediation, and monitoring to ensure compliance with applicable DoD and Department of the Navy (DON) policies, procedures, and regulations

    This position includes all activities associated with obtaining and maintaining RMF Authority to Operate (ATO) for systems within the customer's multi-faceted network infrastructure, which includes multiple platforms residing on multiple security enclaves.


    • Manage Plans of Actions and Milestones (POA&Ms) resulting from system vulnerabilities from ACAS scans and STIG checks.
    • Maintain package artifacts and test results within eMASS.
    • Coordinate with configuration management personnel to process Requests for Change (RFCs) into Use Cases
    • Review and recommend updates to package artifacts such as policies and procedures to address non-compliant controls.
    • Assist with annual security reviews to maintain ATOs.
    • Identify and coordinate with ATO stakeholders to ensure system documentation reflects current system security configurations to include hardware and software components; data flow; interconnections; and ports, protocols, and services, etc.
    • Develop risk acceptance documentation for pending vulnerabilities Required Skills
    • 4+ years performing A&A responsibilities including policy development, control testing, POA&M management, and Configuration Management.
    • 8+ years' experience supporting an IT Enterprise environment in a cyber, system administration, engineering or management capacity.
    • Secret clearance or higher preferred.
    • 8570 compliance (Active Security and OS certifications)
    • Experience using MS office tools such as Excel, Word and Visio.
    • Experience working with DoD tools such as eMASS.
    • Experience working with security engineers to review compliance scans.
    • Experience performing cybersecurity assessments using standards such as CIS Benchmarks, DISA STIGS, etc.
    • Broad technical experience related to IT operations, networks, OS's, and system administration.
    • Excellent customer service and organization skills.
    • Excellent verbal and written communication skills.
    • Ability to work both independently and as a member of a team.
    • Travel: Minimal travel expected at this time; as required by project
    About acuCyber acuCyber is a small business headquartered in Charleston, SC specializing in assisting clients with their most challenging needs around cyber security, compliance, risk management, IT, security engineering and program management
    acuCyber brings experience across multiple sectors supporting a multitude of customers
    We bring value-added, effective, precise support to ensure your cybersecurity and IT needs are met
    Your mission becomes our mission
    Securely.