Enterprise Mission Assurance Support Service (eMASS)
Risk Management Framework
Public Trust: None
Requisition Type: Regular
Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.
Join General Dynamics Information Technology (GDIT) and be a part of the team of men and women that solve some of the world’s most complex technical challenges. The NCIS program is searching for Cyber Security Analyst to join their team in Quantico, VA.
The Naval Criminal Investigative Service (NCIS) is an organization of over 2,200 personnel of which 700 serve at HQ and the remaining staff serve at offices worldwide. NCIS is the Department of Navy (DON) component with primary responsibility for criminal investigation, law enforcement (LE), counter-terrorism (CT), counterintelligence (CI), and cyber matters. NCIS not only has primary responsibility for all criminal investigative, CI, CT, and cyber matters within the DON, but it also has exclusive investigative jurisdiction in non-combat matters involving actual, potential, or suspected criminal, terrorism, sabotage, espionage, and subversive activities.
Supports all authorization package ACAS related tasks assigned to ISSEs and NQVs. The goal is to provide the required artifacts IAW the Navy Testing Guidance and Risk Management Framework (RMF) Process Guide required for the submission of an RMF Authorization package.
Performs 90 Day Baseline Scans for each Authorization package in accordance with Navy requirements; provide Detailed Vulnerability List (DVL) Reports for use in the eMASS record; provide ACAS Summary Reports in accordance with the Navy Testing Guidance.
Conducts weekly and “As Needed” ACAS scans in support of RMF STEP 3/STEP 4 processes, vulnerability assessments and queries specifically targeting authorization package assets; support continuous monitoring for authorized packages and report vulnerability status of all active Enterprise Security packages; create asset lists using provided hardware lists.
Performs risk analyses of computer systems and applications during all phases of the system development life cycle using the Assured Compliance Assessment Solution (ACAS) tool.
Initiates Enterprise Mission Assurance Support Service (eMASS) registrations, prepares, processes, updates and monitors RMF Assessment and Authorization (A&A) packages; ensures A&A packages are evaluated and maintained in a compliant status; implements and validates A&A packages to ensure security controls and vulnerabilities meet DON RMF authorization compliance requirements.
5+ years of experience in the systems security discipline with specific emphasis on Navy Cybersecurity practices.
Must meet or exceed OPNAVINST 5239 requirements to be certified as a Navy Qualified Validator or must be certified within six months of start date.
Experience in the development of RMF Assessment and Authorization (A&A) Security Plans (SP), System Level Continuous Monitoring (SLCM), Ports, Protocols and Services Management (PPSM), Host Based Security Systems (HBSS), Assured Compliance Assessment Solution (ACAS) vulnerability scanning.
Experience with Enterprise Mission Assurance Support Service (eMASS) tools.
Experience preparing, processing, assessing, validating, and maintaining RMF A&A packages using eMASS and XACTA tools.
Experience with using public key-based technologies for applications.
Security+ certification or equivalent.
Top Secret clearance w/ SCI eligibility
Completed Navy RMF training
Formal ACAS training
Formal eMASS training
WHAT CAN GDIT OFFER YOU?
Excellent customizable health benefits (Medical, Dental and Vision)
401K with company match
Educational Assistance and eLearning
Flexible work week
Internal mobility team dedicated to employee advancement
Rewards and Recognition programs
Innovative and collaborative environment encouraging of highly motivated critical thinking
Years of Experience
5 + years of related experience
* may vary based on technical training, certification(s), or degree
CompTIA - Security+ - CompTIA
U.S. Citizenship Required
About Our Work
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.