Cyber Security Professionals with outstanding customer and technical skills who share our passion for results and customer success. In return, we offer challenging and exciting work environments and competitive compensation packages. You will be located in the Tyson's Corner / Falls Church, VA area.
If you are interested in being considered for this position, please send your most up-to-date resume to Sarah St.Martin.
This position requires full U.S. Citizenship, and a recent or current Department of Homeland Security BI is highly desired.
Responsibilities and Duties
- Support NIST Risk Management Framework (RMF) based Assessment and Authorization (A&A) activities.
- Monitor and prepare required actions and documents pertaining to the A&A of the system throughout its lifecycle, to include security evaluation findings and residual risks.
- Conduct comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the systems.
- Ensure required security authorization activities are completed and the results are documented in the DHS Information Assurance Compliance System (IACS) / XACTA tool.
- Review and process Interconnection Security Agreements (ISAs), Policy Waivers, Approval to Test (ATT), and Interim Approval to Operate (IATO) documents.
- Review IS security plans and other A&A documents for all applications to determine if DHS mandated procedures and tasks are followed, such as using IACS.
- Assist the Government in preparing a written justification, when appropriate, to obtain a written waiver of policy for mandated security features.
- Ensure that assigned systems/applications meet the minimum DHS A&A standards before a recommendation is made to the CISO for Authorization.
- Attend Compliance Team meetings and provide reports in the approved format on the status of requested activities.
- Update and upload all pertinent information for all systems within the DHS Headquarters FISMA portfolio repository.
- Update relevant FISMA Compliance SOPs on a quarterly basis.
- Provide guidance and support for all assigned Security Authorization activities.
- Conduct Security Authorization entrance conferences.
- Develop a preliminary Security Assessment Report (SAR).
- Create the CSS Plan, including rules of engagement (ROE) for each major application, information system, or GSS undergoing authorization.
- Document the results of the security control assessment, including recommendations for correcting any weaknesses or deficiencies in the controls, analyze findings, and develop risk mitigation techniques to address weaknesses.
- Contain the Contractor’s assessment of any required security controls.
Qualifications and Skills
You must have expert knowledge in:
- Must have 5-7 years of relevant experience as a cyber security control assessor
- U.S. Federal Information Assurance (IA), and the Risk Management Framework (RMF)
- Related Best Practices from FedRAMP, NIST, and other sources
- IT Security Engineering Life Cycle and Release Management
- Assessment and Authorization (A&A), Certification and Accreditation (C&A), FISMA, FedRAMP, NIST SP 800-53, RMF
- Risk and Issue Management and Mitigation
- Strong written, verbal communication and presentation skills – no exceptions! Ability to interface with customers including presentations to senior executives
- Demonstrated leadership and team development skills
- Demonstrated success consulting at the senior management level
- Solid time management, planning, and ability to scope prospective engagements, develop proposals and project plans
- Candidates must be US citizens and able to obtain and/or maintain a Department of Defense Active Secret clearance
- Must be on-site 40 hours per week - no telework
- 100% paid premiums for health insurance, dental insurance, vision insurance, short-term and long-term disability, and life insurance for employee and dependents
- 15 days Paid Time Off, in addition to 10 paid holidays
- 401(k) with 3% match
- $5,000 annual reimbursement of job-related training classes, seminars, and tuition
Job Type: Full-time
- RMF/Security Control Framework: 5 years (Required)
- Paid time off
- Parental leave
- Health insurance
- Dental insurance
- Retirement benefits or accounts
- Education assistance or tuition reimbursement
Apex is an Equal Employment Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178