Cyber Security RMF Support jobs in United States
This job has closed.

KBR, Inc. · 1 month ago

Cyber Security RMF Support

KBR, Inc. is a leading provider of engineering and advanced technology solutions for national security. The Cyber Security RMF Support role involves ensuring security compliance and supporting the Systems Engineering & Integration activities for US Space Force satellite communications, while collaborating with various stakeholders to mitigate risks and enhance cybersecurity measures.

Consulting · Cyber Security · Information Technology · Project Management · Software Engineering · Training
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Support the SSC with ensuring security, quality, timeliness, mission partner support, completeness, and regulatory compliance of ATO RMF documentation
Experience creating, editing and reviewing RMF, policy documents to implement administrative controls for each of the Rev 5 control families
Experience developing, reviewing and performing self-assessments of control narratives and System Control Traceability Matrix (SCTM)
Experience reviewing and editing ATO artifacts such as the Ports, Protocols and Services matrix and Hardware/Software lists
Proposing, coordinating, implementing, and enforcing all Department of the Air Force information system security policies, standards, and methodologies
Familiarity with vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks
Knowledge of evaluating operating systems and network devices security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides
Performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems
Ensures software, hardware, and firmware comply with appropriate security configuration guidelines (e.g., security technical implementation guides/security requirement guides)
Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Coordinate changes or modifications with the system-level Information System Security Manager (ISSM), Security Control Assessor (SCA), and/or the Wing Cybersecurity office
During system development, recommends protective or corrective measures, in coordination with the ISSM, when a security incident or vulnerability is discovered
During system development, reports security incidents or vulnerabilities to the system-level ISSM and wing cybersecurity office according to AFI 17-203, Cyber Incident Handling
Recommends exceptions, deviations, or waivers to cybersecurity requirements
Preparing certification letters and Memoranda of Agreement (MoA), Authorization to Connect (ATC) packages, Interconnection Security Agreement (ISA), and Security Impact Assessments with system owners for interface and networking implementations
Support the following responsibilities: security control assessor (SCA) and Security Technical Implementation Guide (STIG) curated to DOD/DAF/USSF baselines, audit standards, and plan of actions and milestones (POAM)
Attend cleared expert threat briefings; have oversight of security program design, incident response plans, cyber risk assessments, and attack surface assessments; investigate security breaches, perform red, blue, purple, ethical hacking, orchestrate vulnerability assessment, develop security protocols, conduct tabletop exercises, and breach readiness reviews
Completes and maintains required cybersecurity certification in accordance with (IAW) AFMAN 17-1303

Qualification

Risk Management Framework (RMF), Information Assurance/Cybersecurity, Security Technical Implementation Guide (STIG), Vulnerability Assessments, Linux/Unix Command Line, Network Analysis Tools, Security Control Monitoring, DoD Approved Baseline Certification, Collaboration, Problem Solving, Communication Skills

Required

An active Secret clearance is required for this position
BA or BS degree in engineering, physics, chemistry, mathematics, computer science, network, and telecommunications; information systems, information technology, or computer information systems
Minimum 2 years of continuous Information Systems, Information Assurance/Cybersecurity (IA/CS) experience
Understanding and working knowledge of Risk Management Framework (RMF) Rev 5 and DODI 8510.01
2 continuous years of experience with security controls and implementation delineated in Committee on National Security Systems Instruction (CNSSI) 1253, National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, and the Joint Special Access Program Implementation Guide (JSIG)
2 continuous years of experience with performing vulnerability assessments using Assured Compliance Assessment Solution (ACAS), Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks
2 continuous years of experience using SolarWinds and Splunk or other network analysis tools
Extensive experience working with Linux/Unix Command Line Interface and using regular expression queries
Ability to read and extract Cisco configuration files
2 continuous years of experience implementing operating systems and network devices security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides
2 continuous years of experience performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems
Experience identifying Common Criteria and National Information Assurance Partnership (NIAP) certified technologies and the DISA Approved Products List (APL)
Experience working in a military organization in a cybersecurity role with military tactical or enterprise systems
Possess DoD Approved Baseline Certification as Information Assurance Manager Level II in accordance with DoDM 8140.03 (i.e., CompTIA CASP+, CISSP)

Preferred

Master's degree in Computer Science/Engineering with emphasis in Cyber Security
5+ years of work experience in Cyber Security
5+ years of work experience in System Engineering Architecture/Design
Linux and Cisco certifications
DoD Space program experience
Security Test and Evaluation (ST&E)
TS/SCI Clearance

Benefits

401K plan with company match
Medical
Dental
Vision
Life insurance
AD&D
Flexible spending account
Disability
Paid time off
Flexible work schedule

Company

KBR, Inc.

At KBR, we deliver science, technology and engineering solutions that are helping governments and companies around the world take on the great challenges of our time.

Funding

Current Stage
Public Company
Total Funding
unknown
2006-11-17 IPO

Leadership Team

Stuart Bradie
President and Chief Executive Officer
Mark W. Sopp
EVP and CFO
Company data provided by crunchbase