Powder River Industries

RMF Security Engineer

Powder River Industries

full-time

Posted on:

Location: Virginia • 🇺🇸 United States

Visit company website
AI Apply
Apply

Job Level

Mid-LevelSenior

Tech Stack

CloudCyber SecurityJavaScript

About the role

  • RMF security engineer with 5 years RMF/Sec engineering experience
  • Provides end-to-end A&A support for DoD cybersecurity, privacy, and financial controls implementation, testing, monitoring, and enforcement
  • Interprets risks and recommends approaches to meeting DoD compliance and cybersecurity requirements in accordance with NIST Risk Management Framework (RMF) Controls and DoD Policy
  • Supports risk management tasks, POA&M, ST&E, system documentation, authorizations, risk assessments, third-party audits, ensuring compliance with NIST 800-53 standards, and performing threat assessments according to the RMF lifecycle and processes
  • Interprets risks and recommends approaches to meeting DoD compliance and cybersecurity requirements in accordance with NIST RMF and DoD Policy.

Requirements

  • DoD Secret Clearance (Must be active as we're unable to sponsor)
  • 5 years of experience
  • Experience in mapping, implementing, interpreting, and documenting RMF security controls
  • Experienced managing the eMASS cybersecurity management tool
  • Experience developing and submitting at least six (6) ATO packages
  • Thorough understanding of the Risk Management Framework (RMF) Assessment and Authorization (A&A) process within the federal government, including knowledge of all phases of the RMF lifecycle
  • Proven experience in assisting client risk management tasks, such as managing POA&M, conducting Security Tests and Evaluations (ST&E), creating system documentation, performing authorizations, carrying out risk assessments, handling third-party audits, ensuring compliance with NIST 800-53 standards, and performing threat assessments according to the RMF lifecycle and processes
  • Demonstrated proficiency to plan and monitor security control implementation for the protection of networks, enclaves, and information systems
  • Strong communication abilities, including working closely with highly technical administrators to enhance overall security measures
  • Ability to generate and interpret ACAS scans to identify system vulnerabilities and monitor remediation efforts or mitigation strategies
  • Working knowledge and experience implementing and evaluating manual Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), and SCAP Compliance Checker (SCC)
  • Working knowledge of common assessment & authorization (A&A) application platforms e.g. eMASS, CSAM, Xacta, etc.
  • Previous experience in a technical role such as a system or network administrator is a plus.
Live Nation Entertainment

Manager, Cyber Security Risk

Live Nation Entertainment
Mid · Seniorfull-time$104k–$130k / yearCalifornia · 🇺🇸 United States
Posted: 1 hour agoSource: livenation.wd503.myworkdayjobs.com
Cyber Security
Capital One

Senior Manager, Customer Trust & Field Security Specialist

Capital One
Seniorfull-time$205k–$234k / yearVirginia · 🇺🇸 United States
Posted: 2 hours agoSource: capitalone.wd12.myworkdayjobs.com
Cyber Security
CVS Health

Senior Manager, Cybersecurity Compliance

CVS Health
Seniorfull-time$118k–$237k / yearTexas · 🇺🇸 United States
Posted: 3 hours agoSource: cvshealth.wd1.myworkdayjobs.com
CloudCyber Security
AIG

Vice President, IT Application Security

AIG
Leadfull-time$140k–$165k / yearNew Jersey, North Carolina, Texas · 🇺🇸 United States
Posted: 3 hours agoSource: corebridgefinancial.wd1.myworkdayjobs.com
CloudCyber SecurityPythonSDLC
DLA Piper

Data Privacy, Cybersecurity Litigation Associate

DLA Piper
Junior · Midfull-time$310k–$390k / yearCalifornia · 🇺🇸 United States
Posted: 4 hours agoSource: dlapiper.wd1.myworkdayjobs.com
Cyber Security