Apply on Employer Site

Sabre Systems, LLC · 2 weeks ago

Validator/Vulnerability Management Lead/Information System Security Officer (ISSO)

Patuxent River, MD

Full-time

Onsite

Mid Level

$127K/yr - $141K/yr

3+ years exp

Sabre Systems, LLC is hiring a Validator/Vulnerability Management Lead/Information System Security Officer (ISSO) to support the Unmanned Carrier Aviation Program Office (PMA-268) at Patuxent River Naval Air Station. The selected candidate will be responsible for assessing and validating RMF packages, establishing a vulnerability management program, and supporting the PMA-268 Cybersecurity Program.

Information Technology

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Assess and validate PMA-268 RMF packages (Authorizations to Operate (ATOs) and Interim Authorizations to Test (IATTs), to include but not limited to

Coordinate development of the Security Assessment Plan (SAP) with Integrated Product Team (IPT) SSE and system ISSO

Submit SAP for approval

Execute the SAP

Provide a summary of failed controls in Enterprise Mission Assurance Support Service (eMASS) (Risk Assessment)

Complete the Security Assessment Report (SAR)

Provide POA&M update recommendations to the PMA/IPT based on assessment results

Ensure traceability of all vulnerabilities from raw assessment results to the POA&M

Support Continuous Monitoring (ConMon) activities (e.g. annual security reviews, system/changes/ Memorandums for the Record (MFRs))

Create consolidated list of mitigation statements for POA&Ms (unclassified) to assist ISSOs with established mitigation statements for common non-compliant security controls

Establish and execute a PMA-268 vulnerability management program, to include developing guidance for VRAM record creation and management

Develop a PMA Vulnerability and Patch Management Policy

Coordinate development of System level Vulnerability and Patch Management Plans (VPMP)

NAVAIR Rapid Response Lead for PMA-268

Attend Rapid Response meetings

Coordinate consolidated PMA-268 responses to Orders received (i.e. EXORD, OPORD, TASKORD)

Monitor the NAVAIR Vulnerability Management Channel for notifications daily

Maintain the PMA-268 Cyber Directive Status tracker

Create and maintain a Cyber Directives tracker on SIPR summarizing the orders

Manage PMA-268 Portfolio VRAM records

Support PMA-268 Cyber Lead in execution of the PMA-268 Cybersecurity Program

Provide assistance and guidance to PMA-268 ISSOs

Update and sustain PMA-268 RMF Training Slides

Assist in the development of eMASS Common Control Packages (CCPs)

Develop RMF security control family templates

Develop PMA Incident Response Plan

Coordinate and provide oversight for all MOU/ISA efforts required in support of cyber authorizations or system use

Qualification

Vulnerability ManagementRisk Management Framework (RMF)Cybersecurity Program ManagementTechnical DegreeEngineering Expertise

Required

Must have a bachelor's degree in a technical or scientific field from an accredited college or university

Must have at least three (3) years of recent and relevant experience

Demonstrated experience in an area of engineering expertise is required

Must have an active DoD Secret Clearance or higher

Must be a US Citizen

Benefits

Employee Referral Bonus Eligibility

Comprehensive, evolving benefits designed to meet their diverse needs

Company

Sabre Systems, LLC

Sabre Systems LLC is a quality driven, customer focused business providing innovative and sustainable solutions in the areas of Cyber, Systems and Software Engineering, Advanced Communication Technologies and Digital Transformation.

Founded in 1989

Warrington, Pennsylvania, USA

201-500 employees