Acquisition Management Support I
Constellation West · Philadelphia, PA · 2 wk ago
AdministrativeFull-time
About the role
Constellation West is a 29-year WOSB and Prime Federal Contractor bidding on Information System Security work for IT Operations in support of NSWC-PD.
Responsibilities
- Assist with the developing, maintaining, and tracking Risk Management Framework (RMF) system security plans which include System Categorization Forms, Platform Information Technology (PIT) Determination Checklists, Assess Only (AO) Determination Checklists, Implementation Plans, System Level Continuous Monitoring (SLCM) Strategies, System Level Policies, Hardware Lists, Software List, System Diagrams, Privacy Impact Assessments (PIA), and Plans of Action and Milestones (POA&M).
- Execute the RMF process in support of obtaining and maintaining Interim Authority to Test (IATT), AO approval, Authorization to Operate (ATO), and Denial of Authorization to Operate (DATO).
- Identify and tailor IT and CS security control baselines based on RMF guidelines and categorization of the RMF boundary.
- Perform Ports, Protocols, and Services Management (PPSM).
- Perform IT and CS vulnerability-level risk assessments.
- Execute security control testing as required by a risk assessment or annual security review (ASR).
- Mitigate and remediate IT and CS system level vulnerabilities for all assets within the boundary per STIG requirements.
- Develop and maintain Plans of Actions and Milestones (POA&M) in Enterprise Mission Assurance Support Service (eMASS).
- Develop and maintain system level IT and CS policies and procedures for respective RMF boundaries and/or guidance provided by the command ISSMs.
- Implement and assess STIG and SRGs.
- Perform and develop vulnerability assessments with automated tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) Compliance Check (SCC) and Evaluate STIG.
- Deploy security updates to Information System components.
- Perform routine audits of IT system hardware and software components.
- Maintain inventory of Information System components.
- Participate in IT change control and configuration management processes.
- Upload vulnerability data in Vulnerability Remediation Asset Manager (VRAM).
- Image or re-image assets that are part of the assigned RMF boundary.
- Install software and troubleshoot software issues as necessary to support compliance of the RMF boundaries’ assets.
- Assist with removal of SSD, HDD or other critical components of assets before destruction and removal from the RMF boundary.
- Provide cybersecurity patching of assets in times of DoD and DoN TASKORDs, FRAGORDs, or even designated by Command ISSM, ACIO, and/or Code 104 management.
- Support configuration change documentation and control processes and maintaining DOD STIG Compliance.
- Support cyber compliance of assets that are part of an enterprise IT network to include Windows server and CISCO networking hardware. This includes assessing vulnerabilities, patching and meeting requirements of the STIG for the hardware.
- Report compliance issues of network hardware to management as not cause an operational of the network.
Qualifications
- Required Interim TS clearance, OR active, final Secret with immediate eligibility for SSBI/T5 investigation
- Bachelor’s degree in business from an accredited college or university.
- Active IAT III certification
- Active professional experience in acquisition management support.
- Professional experience capturing and refining information security operational and security requirements and ensuring those requirements are properly addressed through purposeful architecting, design, development, and configuration; and implementing security controls, configuration changes, software/hardware updates/patches, vulnerability scanning, and securing configurations.
Skills
- Knowledge of RMF guidelines and categorization of the RMF boundary.
- Experience with Ports, Protocols, and Services Management (PPSM).
- Proficiency in performing IT and CS vulnerability-level risk assessments.
- Ability to execute security control testing as required by a risk assessment or annual security review (ASR).
- Experience mitigating and remediating IT and CS system level vulnerabilities for all assets within the boundary per STIG requirements.
- Experience developing and maintaining Plans of Actions and Milestones (POA&M) in Enterprise Mission Assurance Support Service (eMASS).
- Experience implementing and assessing STIG and SRGs.
- Experience performing and developing vulnerability assessments with automated tools such as ACAS, SCC, and Evaluate STIG.
- Experience deploying security updates to Information System components.
- Experience performing routine audits of IT system hardware and software components.
- Experience maintaining inventory of Information System components.
- Experience participating in IT change control and configuration management processes.
- Experience uploading vulnerability data in VRAM.
- Experience imaging or re-imaging assets that are part of the assigned RMF boundary.
- Experience installing software and troubleshooting software issues as necessary to support compliance of the RMF boundaries’ assets.
- Experience providing cybersecurity patching of assets in times of DoD and DoN TASKORDs, FRAGORDs, or even designated by Command ISSM, ACIO, and/or Code 104 management.
- Experience supporting configuration change documentation and control processes and maintaining DOD STIG Compliance.
- Experience supporting cyber compliance of assets that are part of an enterprise IT network to include Windows server and CISCO networking hardware. This includes assessing vulnerabilities, patching and meeting requirements of the STIG for the hardware.
- Experience reporting compliance issues of network hardware to management as not cause an operational of the network.
Benefits
- Competitive 401(k) plan with employer matching
- Competitive Health Benefits with employer contributions
- 11 Paid Holidays per year
- 15 Days starting PTO for new hires
- Tuition/CE reimbursement
- Relocation Assistance
- Pre-Tax Commuter Benefit Accounts
- STD/LTD/Life Insurance with buyup options
- Veteran Hiring Preference
- Conversion to an Employee-owned firm (ESOP) in 2025—a lucrative benefit to employee-owners!
Pay
Commensurate with experience.
Schedule
Nightly Shift