Job Description
*This position requires an active Secret Security Clearance and is on-site in Colorado Springs, CO
JOB SUMMARY
Zivaro is looking for a skilled RMF Engineer to primarily support ongoing assessments in Zivaro’s end client environments. The RMF Engineer identifies and resolves moderately complex issues, managing assessments from project initiation through completion. The RMF Engineer will support RMF processes and activities, perform STIG and IAVA verification activities on systems/servers operating Linux Operating Systems, Windows Operating Systems, and other infrastructure devices to support Security Impact Assessments and other related IA artifacts and reports as required.
RESPONSIBILITIES
- Identification, measurement and assessment, mitigation, reporting and monitoring, and governance
- RMF A&A/ Risk Management Framework Assessment & Authorization full life cycle, assessment plans
- Develop, review, and approve plans to assess implemented controls
- Prepare Body of Evidence (BoE) documents such as System Security Plan (SSP), Security Assessment Report (SAR), Risk Assessment Report (RAR), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), System Software and Installation Procedures, Security Test Procedures and Software Application documentation, policy and procedures requirements
- Technical computer/network system auditing of national security information systems and related security requirements (ICD 503, RMF, DIACAP)
- Analyzing audit log data and determine compliance with published standards
- Knowledge and ability to perform Media Custodian and/or Data Transfer Agent functions
- Knowledge and understanding of PowerShell Scripting, Bash Scripting outputs
- RMF based Reporting
- Customer interaction and guidance
QUALIFICATIONS
- Strong communication and customer service skills
- Very strong RMF assessment experience and ability to interface and plan with the customer
- Experience in the oversight and execution of a continuous monitoring/improvement program (to include but not limited to supporting security control assessments, ensure user’s training is up to date, log management systems, automated inventory utilities, etc.).
- Experience successfully interfacing with internal and external customers (SCAs, Program Managers, etc.).
- Experience in the execution and management of IS incident response and administrative inquiries/investigations in collaboration with the external support agencies/departments.
- Experience with the identification, development and oversight of appropriate Cybersecurity policy, processes, and procedures.
- Ability to deliver program IA Accreditations and coordinate with External Stakeholders (Security Control Assessor / Accreditation Authority)
- Strong understanding of security design and architecture with ability to identify solutions to complex IS compliance and security problems
- Demonstrated vulnerability assessment/remediation experience including the coordination or performance of patch/configuration deployments across multiple platforms
- Demonstrated leadership experience with excellent interpersonal skills
- Excellent written & oral communication skills, including presentation skills
- Active Secret Clearance Required – minimum
EDUCATION
Bachelor’s Degree (BA/BS Engineering, Computer Science, or Math) preferred; or equivalent years of professional experience.
U.S. Citizenship is required for most positions at Zivaro due to security clearance requirements and government/federal contracts held by Zivaro.
EEO STATEMENT
ZIVARO fully subscribes to the principles of Equal Employment Opportunity. It is our policy to provide employment, compensation and other benefits related to employment based on qualifications, without regard to race, color, religion, national origin, age, sex, veteran status, disability, sexual orientation, gender identity or any other basis prohibited by federal, state or local law. In accordance with requirements of the Americans with Disabilities Act, it is our policy to provide reasonable accommodation upon request during the application process to eligible applicants in order that they may be given a full and fair opportunity to be considered for employment. As an Equal Opportunity Employer, we intend to comply fully with applicable federal and state employment laws and the information requested on this application will only be used for purposes consistent with those laws.
40 Flex
40 Flex