Senior Security Engineer
Aya Healthcare
AzureCloudDNSDockerSMTPSQLTCP/IPTerraform
Cybersecurity Policy and RMF Analyst
Concept Plus, LLC
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
AzureCloudCyber Security
About the role
- Adhere to the DoD cybersecurity policy requirements set forth in DoDI 8500.01, "Cybersecurity," and DoDI 8510.01, "Risk Management Framework (RMF) for DoD Information Technology (IT)" and their successors.
- Monitor identified risks and track response actions to ensure they support the customer Risk Management Strategy and are properly documented in a risk registry.
- Provide recommendations to business and IT leaders on best business practices followed in the industry to mitigate or remediate risks
- Schedule, conduct, and track RMF validations for each IT Portfolio.
- Review of security controls, as part of a risk assessment, as needed to support an Authorization to Operate (ATO) of an investment.
- Review vulnerabilities and identify potential risks based on the type of vulnerability and the potential impact.
- Identify actions needed to protect information flows to ensure adherence to legal and regulatory standards.
- Coordinate the development of plans and procedures to ensure that business-critical services are recovered in the event of a digital risk event.
- Facilitate and support the development of asset inventories, including digital assets in cloud.
- Track all technology requests.
- Track open vulnerabilities and provide a status on each open risk for each IT Portfolio / Investment.
- Ensure POAMs are current and reflects all known weaknesses.
- Stay up-to-date with the latest Azure and FedRAMP regulatory changes and industry trends, advising teams on potential impacts and necessary adjustments.
Requirements
- US Citizenship
- Active DoD Secret Clearance (or able to obtain)
- Bachelor’s Degree in an IT related field
- Meet DoD 8570 Information Assurance Technician (IAT) Level II or Higher (Sec+ CE or Higher)
- 3+ Years Experience with the Risk Management Framework Process
- 3+ Years Experience operating the Enterprise Mission Assurance Support Service Application (eMASS)
Benefits
- competitive pay
- comprehensive health insurance
- dental and vision insurance
- paid life insurance
- paid time off
- 11 paid holidays
- bonuses
- tuition reimbursement
- unlimited training
- opportunity to work in a collaborative, flexible, innovative environment
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
Risk Management Framework (RMF)security controls reviewvulnerability assessmentrisk assessmentinformation assurancecloud asset inventorydigital risk managementbusiness continuity planningdocumentation managementrisk registry management
Soft skills
communicationrecommendationcoordinationtrackingmonitoringfacilitationadvisingorganizational skillsproblem-solvingleadership
Certifications
DoD Secret ClearanceBachelor’s Degree in ITDoD 8570 IAT Level IISecurity+ CE
