Jobs · Management

Cybersecurity Assessment and Authorization SME

Amyx, Inc. · United States · 1 mo ago
RemoteRemoteManagementFull-time

About the role

Serves as a cybersecurity Subject Matter Expert (SME) with regards to Assessment and Authorization (A&A) of information systems and all associated cybersecurity policies and procedures. Performs a DOD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization.

Responsibilities

  • Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control) and determines the possible ramifications on the system’s current or future authorization.
  • Briefs senior management on the progress or results of an information system undergoing the Risk Management Framework (RMF) process.
  • Run and Analyze system and software scans.
  • Develop and track POA&Ms relative to scan findings.
  • Coincide with DLA ISSMs on vulnerability management and continuous ATO management.
  • Work with Operations and Developments teams to address security findings, apply STIGs and manage the IAVA process.
  • Conduct review meetings for reported issues with stakeholders and move issues through process.
  • Participate and support a SAFe agile release methodology with testers embedded in the Agile Release Train (ART).
  • Have the ability to communicate accurate information daily.
  • Have practical and working knowledge of all Microsoft Office applications.
  • Have analytical and critical thinking skills.
  • Have quality interpersonal skills.
  • Have quality oral and written communication skills.

Requirements

Possess an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing a large organization’s IT infrastructure such as DLA’s, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes.

Qualifications

  • Five (5) years of relevant Risk Management Framework (RMF) and NIST A&A experience.
  • DOD cybersecurity experience.
  • Experience in assessing security controls and conducting authorization reviews for large, complex organizations.
  • Experienced in the general tenets supporting the overall DOD implementation of its authorization process, to include supporting cybersecurity policy, procedures, and processes.
  • Knowledgeable in the cybersecurity of emerging technology areas such as Cloud and Industrial Control Systems (ICSs), warehouse execution systems and Operational Technology (OT) infrastructures.
  • DOD Secret Clearance and must possess IT-II Non-Critical Sensitive security clearance or Tier 3 (T3).

Skills

  • OCI Certified.
  • Experience with an Agile Framework.
  • Experience with the Continuous ATO process and integration of those processes with an Agile Framework.

Benefits

  • Medical, Dental, and Vision Plans (PPO & HSA options available).
  • Flexible Spending Accounts (Health Care & Dependent Care FSA).
  • Health Savings Account (HSA).
  • 401(k) with matching contributions.
  • Roth Qualified Transportation Expense with matching contributions.
  • Short Term Disability.
  • Long Term Disability.
  • Life and Accidental Death & Dismemberment.
  • Basic & Voluntary Life Insurance.
  • Wellness Program.
  • PTO.
  • 11 Holidays.
  • Professional Development Reimbursement.

Pay

$100-140k

Schedule

Remote

Similar jobs

Cybersecurity SME

Lucayan Technology Solutions LLCTampa, FL· 2 mo ago
Engineeringapply on ats.rippling.com

Cybersecurity SME

KBR CareersDulles, VA· 5 days ago
Engineering$176k–$215k/yrapply on careers.kbr.com