Job Description
Employee Type: Full-Time
Location: Norfolk, VA
Job Type: RMF
Experience: 5+ Years
Clearance Type: TS/SCI
AERMOR LLC is seeking qualified candidates who will be assisting the Electronic Warfare Database (EWD) directorate of the Naval Information Warfighting Development Center (NIWDC) in organizing and carrying out cybersecurity compliance initiatives. The candidate will support the creation, evaluation, and submission of Risk Management Framework (RMF) packages in order to ensure compliance with cybersecurity regulations. They will also have to research, analyze, and make recommendations in support of network security, risk and compliance policy, and implementation guidelines.
Responsibilities Include:
- Assist with the planning and implementation of cybersecurity Assessment and Authorizations (A&A) and Information Assurance (IA) compliance initiatives for NIWDC EWD Directorate.
- Research, evaluate, and provide documentation, processes and tools in support of enterprise-wide network security decisions and overall cyber resiliency efforts.
- Support the creation, enhancement, and implementation of the RMF process in accordance with DoN/DoD goals and strategies.
- Throughout the RMF lifecycle, develop, evaluate, update, and submit the necessary documentation, diagrams, and electronic submissions for the RMF package.
- Provide risk assessments, network security evaluations, and recommendations for RMF accreditations.
- Perform Package Submitting Office level review and validation of RMF packages in order to fulfill the requirements for the Security Authorization Package level review.
- Assist the Package Submission Office (PSO), Navy Authorization Office (NAO), and Security Control Assessor (SCA) with RMF package products and status.
- Perform the required Federal Information Security Management (FISMA) and RMF annual cybersecurity evaluations and analysis.
- Assist with eMASS management to ensure compliance with DoD and DoN A&A regulations.
- Provide subject-matter knowledge and recommendations for enhancing, putting into practice, and organizing cybersecurity strategies for network modernization.
- Support cybersecurity assessments and investigations.
- Create, organize, schedule, coordinate, and/or assess training resources and products related to cybersecurity.
- Conduct threat and vulnerability assessments and develop mitigation countermeasures.
- Perform research and analysis and provide recommendations in support of network security, risk, and compliance policy and implementation guidelines.
- Review NIWDC compliance to make sure that cybersecurity management, interoperability, and panning are in compliance with relative statuses, regulations, policies, and guidelines.
Required Skills and Experience:
- Bachelor of Science degree in Information Systems, Information Security, Cybersecurity, or related discipline.
- At least five (5) to ten (10) years experience in performing Navy Information Assurance and cybersecurity functions to include at least one (1) year direct experience with RMF and its related components and instructions.
- CompTIA Security+ is required.
- IAM Level II certification is required (e.g. CASP, GIAC, GSLC, CISSP, or CISM).