Responsible for ensuring the appropriate operational security posture is maintained within the Command Naval Installation Command (CNIC) Service Delivery Point (SDP). Responsible for all certification and accreditation activities required in the Risk Management Framework to obtain and maintain Authority To Operate (ATO). Candidate must have TS clearance.
Primary support for the SDP enterprise compliance and RMF package support to include (3) NIPR packages and (1) SIPR package.
Primary support and performance of annual security reviews, annual testing of security controls, and annual testing of the contingency plan, in line with FISMA requirements.
Primary support for ensuring guidelines (e.g., STIGs/SRGs)
Primary support for maintaining Vulnerability Remediation Asset Manager (VRAM) compliance reporting for all assets within SDP accreditation boundary
Primary on all documentation tasking.
Primary support to verify all software is approved and in good standing in DON Application and Database Management System (DADMS). Will be required to submit Last Day Approved (LDA) extensions prior to software expiring
Provide overall tracking and reporting of cybersecurity postures (accreditation status of infrastructure and systems, HBSS, and ACAS reports)
Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval via CMB/CCB
Ensure software/hardware are approved in DON Application and Database Management System (DADMS) prior to installation and contingent upon necessary approval via CMB/CCB
Ensure IA and IA-enabled software, hardware, and firmware comply with appropriate security configuration guidelines.
Initiate protective or corrective measures upon discovery of a security incident or vulnerability
Interface with and provide security guidance to system administrators to include providing cybersecurity briefs and/or training to an organization
Assist the CISSM in executing their duties and responsibilities as needed.
Work with CISSMs or designated personnel during Command Cyber Readiness Inspections (CCRI)
Knowledge, Skills and Ability:
Working knowledge of DoD and Navy security policies and procedures.
Working knowledge of industry standards including but not limited to: Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), NIST 800 Series, NIST Cybersecurity Framework and CIS Benchmarks
Working knowledge of Assured Compliance Assessment Solution (ACAS)/Security Center
Must have previous experience with Risk Management Framework (RMF)
Must have previous experience with Navy eMASS
Must have TS clearance
Working knowledge of STIG viewer
Working knowledge of Vulnerator and/or eMaster
Excellent written and verbal communication skills.
Excellent organizational skills
Attention to detail
Ability to work in a fast-paced environment with constant changes
Familiar with DISA STIGs and ability to assess compliance.
Familiar with VRAM (Vulnerability Remediation Asset Manager)
Ability to work as the enterprise focal point for all Cybersecurity matters.
Ability to interface with system administrators across various site locations.
Ability to assist the CISSM with Monitoring, Reporting, ASR, and CCRI.
Bachelor's degree in Information Systems, Computer Science, Mathematics, Engineering, or a related field
6+ years of experience
6+ years' experience providing support for implementing and enforcing information systems security policies, standards, and methodologies.
Understanding of Risk Management Framework (RMF), NIST, ICD, and CNSS standards.
Experience with DoD Risk Management Framework (RMF)
Experience using Assured Compliance Assessment Solution (ACAS) Software suite
Experience with Navy Enterprise Mission Assurance Support Service (eMASS)
Experience with Vulnerability Remediation Asset Manager (VRAM)
TS clearance required
Must be DoD 8570 compliant at IA Technical (IAT)/IA Management (IAM) Level 2 by possessing one of the following certifications: CCNA Security, CySA+, GICSP, GSEC, Security+, CND, SSCP - CAP, CASP, CISM, CISSP, GSLC, CCISO, HCISPP
This position requires being fully vaccinated against COVID-19 by January 18, 2022 or the start date, if after January 18. Individuals who work in or reside in Florida, Montana, Tennessee, Texas, or work outside of the United States may be excluded from this requirement.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.