GENERAL SUMMARY: Seeking candidates with Risk Management Framework (RMF) Information Systems Security Engineer (ISSE) experience. Primary responsibility is to perform tasks related to Assessment & Authorization (A&A) and cybersecurity to obtain and maintain Authorizations to Operate for US Navy afloat and ashore systems.

PRINCIPAL DUTIES/RESPONSIBILITIES:

• Lifecycle cybersecurity support of US Navy systems
• Lead the RMF process for assigned programs, organizations, systems, or enclaves
• Manage POA&M entries and ensuring vulnerabilities are properly tracked, mitigated, and resolved
• Assemble the Security Authorization Package and submit for adjudication
• Assess the quality of security control implementation against all requirements in accordance with the approved SLCM strategy
   

SKILLS AND ABILITIES: 

Essential Skills:

• Experience with Risk Management Framework (experience under DoD a plus)
• Experience using the Enterprise Mission Assurance Support Service (eMASS)
• Experience with Assured Compliance Assessment Solution (ACAS)
• Demonstrated efficiency and experience in the following areas:
• RMF package development and management, including POA&Ms (mitigation statements), Security Plans, Risk Assessments, architecture diagrams, and hardware/software inventories
• NIST 800-53 control validation

EDUCATION AND EXPERIENCE REQUIREMENTS:

BS degree in Computer Science, Information Technology, Cyber Security, Systems Engineering, Mathematics, or a comparable field or equivalent years of experience.

• 3+ years’ experience in DoD Assessment and Authorization (A&A)
• 1+ years’ experience working with the Risk Management Framework (RMF)

SPECIAL REQUIREMENTS:

Successful applicants must either have an active government security clearance or the ability to receive approval upon position acceptance.

• Must have a valid US passport or the ability to obtain one upon position acceptance.
• DoD 8570-compliant (CompTIA Security+ CE)
• CISSP preferred
• Ability to obtain OS certification or complete approved related training within 180 days of hire
• Prior Information Security Systems Engineer (ISSE) experience a plus.

EHS Technologies is an Equal Opportunity Employer. Employment decisions are made without regard to race (as well as because of or on the basis of traits historically associated with race, including hair texture, hair type, and protective hairstyles such as braids, locks, and twists), color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, pregnancy, childbirth, lactation and related medical conditions, genetic factors, military/veteran status, or other characteristics protected by law.