Information System Security Officer, Senior (Top Secret)

Resource Management Concepts Inc

MD

JOB DETAILS
SKILLS
Asset Management, Computer Security, Documentation, Government, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Laboratory, Laboratory Management, Naval Air Systems Command (NAVAIR), Policy Development, Professional Services, Project/Program Management, Resource Management, Risk Analysis, Risk Management, Risk Management Framework (RMF), Security Analysis, Software Evaluation, Systems Administration/Management, Systems Analysis, Technical Support, Test Plan/Schedule, Top Secret Clearance, United States Navy (USN), Use Cases, VRAM
LOCATION
MD
POSTED
30+ days ago

Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the United States of America.

RMC is hiring an Information Security Analyst for the role of Information Security Systems Officer (ISSO) to support our NAVAIR customer in Patuxent River, MD. The selected applicant will perform a variety of Information Assurance and Risk Management Framework (RMF) activities, including but not limited to:

  • Serving as a Lead ISSO for a designated NAVAIR program.
  • Conduct Risk Assessments for US Navy RMF packages and provide recommendations to improve the Cyber Security posture through risk mitigation steps
  • Managing day-to-day cybersecurity activities for the team, including the oversight of less senior staff and their assigned responsibilities.
  • Performing duties of the Risk Management Framework (RMF) ISSO role, including:
  • Developing US Navy RMF authorization packages.
  • Performing validation activities for RMC authorization packages.
  • Preparing/Updating RMF documentation.
  • Preparing IATTs and Use Case MFRs as required to support development and testing.
  • Preparing for CyberSafe authorization in parallel with the system authorizations.
  • Establishing Cybersecurity policies IAW security control implementations.
  • Implementing a Cybersecurity Plan.
  • Performing Cyber Tabletop exercises.
  • Performing asset and vulnerability management via VRAM reporting.
  • Performing vulnerability assessments and system authorization activities through collaboration with SMEs (System Administrators, Network Admins, Lab Managers, Program Managers, and ISSMs).
  • Performing system security assessments.
  • Evaluating and reporting software IAW DITPR/DADMS requirements.

About the Company

R

Resource Management Concepts Inc