Be an early applicantLess than 25 applicants

Company

Sentar Inc. · 1 day ago

RMF & ISSM Support Specialist

United States

Full-time

Remote

Senior Level, Lead/Staff

10+ years exp

Maximize your interview chances

AnalyticsCyber Security

Growth Opportunities

No H1B

Insider Connection @Sentar Inc.

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Coordinate with various stakeholders, e.g., Security Engineers, Network Administrators, System Administrators, Chief Information Officers (CIOs), Information Assurance Managers (IAMs) / Information Systems Security Managers (ISSMs), certification authorities (and representatives), accreditation authorities (and representatives), program managers, vendors, etc., necessary to properly identify, document, mitigate, and manage risk attributed to the target system, network, and/or application;

Identify, develop (directly or in coordination with applicable experts), and incorporate common artifacts found in RMF authorization packages, e.g., system architecture and boundaries, hardware and software inventories, policies and procedures, risk assessment reports, POA&Ms, data flows, PPSM accounting, and other necessary system, network, and application documentation;

Apply knowledge and experience in identifying, assessing, and documenting compliance against applicable DoD Information Assurance (IA) security controls (technical, management, operational), Service (e.g., Army) regulations, etc., within the RMF package;

Apply knowledge of, and ability to use, applicable compliance and authorization reporting environments (e.g., eMASS, CMRS) to document the progress of RMF risk assessments;

Conduct root cause analysis for inconsistencies or shortfalls in system cybersecurity posture;

Utilize vulnerability scanning and assessment tool results (e.g., ACAS/Nessus/STIG Viewer/SCAP) necessary to identify and document compliance while providing cybersecurity recommendations based on organizational requirements;

Analyze Host-Based Security System (HBSS) and/or Endpoint Security Solution (ESS) output and configurations;

Coordinate with system POCs, review authorization boundary diagrams, architecture/data flow diagrams, hardware/software inventories, IP address/subnet assignments, Med-COI Zone taxonomy, and other artifacts;

Utilize compliance and authorization reporting environments (e.g., eMASS, CMRS, COAMS, Microsoft Endpoint Configuration Manager (MECM), and Phoenix) and coordinate with system POCs to explain compliance requirements, assist in reaching compliance, and provide training;

Develop meeting agendas/briefings and lead/attend and speak in meetings with stakeholders to discuss status of efforts;

Apply NIST, DoD, and DHA security requirements to include NIST SP 800-53 controls, DISA Security Technical Implementation Guides (STIGs), and Security Requirements Guides (SRGs);

Submit Weekly Status Reports (WSRs), when applicable.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

RMF experienceEMASSNIST SP 800-53IAT Level II certificationO365 toolsDISA STIGS/SRGs10+ years technical experienceHBSS/ESSMECMPhoenixProject management

Required

Clearance Level: Secret

10+ years of technical experience or a Bachelor's Degree and 6+ years of technical experience.

Minimum 5 years of RMF experience

Demonstrated experience with eMASS or similar RMF application.

Proficient at O365 tools and environments, to include MS Teams, SharePoint, PowerPoint, Word, Excel, Visio, OneNote, and other related applications.

Proficient at providing exceptional customer service.

Familiarity with NIST SP 800-53, DISA STIGS/SRGs, CMRS, HBSS/ESS, MECM and Phoenix.

Aptitude to provide thought leadership to the ISSM efforts to maintain an organizational or system-level cyber security program.

Ability to identify, interpret and evaluate major applications, infrastructure, enclaves, and enterprise system environments based on proposed authorization boundaries.

Ability to manage multiple projects simultaneously and thrive in a remote environment.

Ability to work independently while also contributing to team member productivity.

Must possess strong verbal/written communications and interpersonal skills.