Support the cybersecurity initiatives and provide support to the Defense Health Agency (DHA) Risk Management Executive Division
Review and update the Detailed Architecture Diagram, Detailed Hardware/Software Inventory, and other system artifacts to determine the DoD IT type
Develop the baseline set of impact values (low, moderate, or high) for the medical devices
Identify common controls associated with the inherited controls in the Security Plan
Document responsibilities associated with the inherited controls in the Security Plan
Initiate the tailoring process in eMASS to modify the control set to account for conditions affecting the specific system more closely
Add relevant supplemental security controls and mark extraneous or impertinent controls as “Not Applicable”
Identify security controls to be monitored on an ongoing basis
Review site/organization change control policies
Document the method of applying policies to specific controls
Coordinate with the IV&V Team to clarify information required for Special Access Programs
Lead the execution of the self-assessment activities
Complete applicable checklists in assessing the NIST SP 800-53 Revision 4 controls
Document upload self-assessment checklist results and artifacts documentation in eMASS
Provide support with remediation and mitigation efforts
Create the Risk Assessment Report
Coordinate with the ISSM to confirm the completion of the Security Authorization Package prior to eMASS submission
Assist program leadership with status reports, white papers, weekly activity report, and other ad hoc requirements as necessary
Perform other job-related duties as assigned

Requirements

Bachelor’s Degree in Information Technology or Cybersecurity, or an equivalent combination of education and experience in lieu of a degree
8 years of experience
Federal government contracting experience required
Must possess a Security+ or other IAT Level I, II / IAM Level I, II certification
Ability to maintain an Active DoD Secret clearance
Working knowledge of eMASS
Working knowledge of Risk Management Framework
Working knowledge of DHA mission and environment
Working knowledge of DoD Networks
Working knowledge of the DoD orders process
Working knowledge of USCYBERCOMMAND and JFHQ-DODIN Cyber Tasking Orders (CTO)
Working knowledge of researching and writing white papers, compliance reports, and assessment reports in support activities for defining policy
Working knowledge of developing briefing materials, administrative, and logistic support
Working knowledge of Microsoft Office Suite
Working knowledge of Combatant Commands
Excellent communication and presentation skills (verbal and written)
Excellent Senior Leadership and General Officer / Flag Officer (GO/FO) leadership briefing skills
Excellent interpersonal, organizational, and critical thinking/problem solving skills
Ability to be flexible, dependable, and multi-task with evolving priorities
Ability to provide excellent customer service
Ability to sign and abide by a non-disclosure agreement.

Benefits

401K plan with company match
medical
dental
vision
life insurance
AD&D
flexible spending account
disability
paid time off
flexible work schedule
support for career advancement through professional training and development

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Risk Management FrameworkNIST SP 800-53 Revision 4eMASSSecurity controlsImpact valuesSelf-assessmentRisk Assessment ReportCompliance reportsAssessment reportsBriefing materials

Soft Skills

Communication skillsPresentation skillsInterpersonal skillsOrganizational skillsCritical thinkingProblem solvingFlexibilityDependabilityMulti-taskingCustomer service

Certifications

Security+IAT Level I certificationIAT Level II certificationIAM Level I certificationIAM Level II certification