Risk Management For DoD IT

cybersecurity compliance project manager alexandia VA job

February 22, 2020 by Leave a Comment

check out the courses:
http://convocourses.com

Job Title: #Cybersecurity #Compliance Project Manager
Job Location: Alexandria, VA, US
Project Length: Long Term

Clearance Requirement: Active Secret clearance.

Key Role:
Serve as a Task Lead responsible for the creation of a Cybersecurity Governance, Risk, and Compliance (GRC) team assessment program for a DoD organization. Design, develop, and implement the assessment program independently to measure Cyber GRC metrics, determine readiness for audits and inspections based on DoD policies and NIST standards, identify risks, and provide automated remediation plans. Work to improve communication and enhance the organization’s security posture through risk assessment preparation. Perform blind, non-punitive readiness assessments for organizational units to provide a preparatory remediation plan for upcoming inspections. Measure the effectiveness of the GRC programs and provide leadership with an unfiltered view of the organization’s security posture, measuring the balance between its objectives and risk profile. Recommend strategic enhancements and structural improvements for a compliance division.

Basic Qualifications:
10+ years of experience with Cybersecurity.
Ability to design, develop, and manage the implementation of risk assessment process methodology and tools, including eMASS.
Ability to communicate effectively and professionally in a fast-paced client-environment.
BA or BS degree in a Technology, IT, or Cybersecurity field.
DoD 8140 and 8570 IAM level II Certification.

Additional Qualifications:
Experience with GRC and assessment processes.
Experience with DoD 8500 series, NIST SP 800 series, DoD regulations, and instructions, including DoDI 8140-01, DoDI 8530.01, CJCSI 6510.01, and the Risk Management Framework (RMF).
Experience with briefing senior government officials at the General Officer and SES-levels.
PMP Certification.

Direct: 703-653-0218
karthik@param-solutions.com
https://recruiting-as-a-service.param…

https://param-solutions.com/careers

remote opportunity cybersecurity risk management framework RMF job

January 27, 2020 by Leave a Comment

check out the Cyber Security & IT Resume course:
https://securitycompliance.thinkific.com/courses/resume-marketing-for-cyber-security-it
Coupon code: resumefeb2020
50% off (expires 29 Feb 2020)

check out the remote work course:
https://securitycompliance.thinkific.com/courses/find-it-remote-work

Check out the job:
Job Title: Cybersecurity Risk Management Framework SME
Location: #RemoteJob (#WorkfromHome)
Duration: 12 Months (Contract-to-Hire)
Job Description:
Active Secret Clearance Required

· KBRwyle is seeking candidates with Risk Management Framework (#RMF) experience to join a team of experienced RMF professionals that supports the Defense Health Agency (DHA).

Position Description:

· Primary responsibility is to perform tasks related to Assessment & Authorization (A&A) and cybersecurity under the Defense Health Agency (DHA) to obtain and maintain Authorizations to Operate (ATOs) for assigned DoD medical systems (i.e., applications, networks, devices). This position will be a part of a team developing recommended courses of action needed to transition current policies and procedures to the DHA RMF-approved processes.

Primary Responsibilities:

· Provide solutions to complex problems that require the regular use of expertise and creativity. Problems are broadly defined and solutions require the continuation of specialized theories and knowledge

· Serve as Subject Matter Expert (SME) on one or more technologies/skills related to A&A activities

· Conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs

· Actively participate in working group meetings to identify, plan, and execute strategies in response to emerging cybersecurity/RMF policies

· Attend and participate in regular A&A status meetings to facilitate progress and address potential issues of RMF system efforts

· Maintain awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes

Day-to-day tasks are contingent on related experience and assigned role, and may include the following:

· Develop, update, and/or review RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports

· Assess system compliance against NIST, DoD, and DHA security requirements to include the NIST 800-53 controls and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)

· Produce evidence as necessary to support compliance status of NIST, DoD, and DHA security requirements

· Work with system administrators, engineers, and developers to create or update system/site policies, procedures, and process guides

Minimum Qualifications:

· BS degree and six (6) years of experience with Cybersecurity / Information Technology, or twelve (12) years of hands-on experience with Cybersecurity / Information Technology

· Demonstrated efficiency and experience in one or more of the following areas:

· RMF package development, including POA&Ms (mitigation statements), Security Plans, Risk Assessments, system/site policies, procedures, and processes, architecture diagrams, and hardware and software inventories

· Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS)

· DISA STIGs/SRGs validation

· NIST 800-53 control validation

· Continuous Monitoring and Risk Scoring (CMRS)

· RMF policy development and strategy implementation

· BIOMED experience (former technician, physician, engineer, etc.) installing, testing, using, maintaining, designing, and/or modifying medical equipment and applications

· Demonstrated experience with Risk Management Framework (experience under DHA a plus)

· Excellent customer service and organization skills

· Excellent oral and written communication skills

· Familiarity with NIST publications

· Active DoD Secret security clearance

· DoD 8570-compliant (CompTIA Security+ certified)

· Ability to obtain OS certification or complete approved related training within 180 days of hire

· Ability to travel up to 25-35%

· Experience with eMASS

360 Mt. Kemble Avenue, Suite 2000 | Morristown, NJ 07960
Office: 973.507.7582 | Fax: 973.998.2599
siddartha.s@artech.com | www.artech.com

Cybersecurity specialist Patuxent

April 23, 2019 by Leave a Comment

Checkout the courses:
https://securitycompliance.thinkific.com

The job:

Position: Cyber Security Lead #ISSO #ISSM
Location: Patuxent River, Maryland
Full time position

Required Clearance: Secret / Top Secret
Required Certifications: IAT level III Certification.

Required Experience: Five (5) years of experience in IT security, including A&A and/or IT security risk analysis, preferably in support of the Federal Government

Skills:

· Managed team of people.
· Knowledge of Federal Government SA&A practices and policies, particularly FISMA and NIST.
· Must be motivated and results oriented.
· Effective written and oral communication skills.
· Previous Federal Government or National Archive experience a plus
Role:
Provide subject matter expertise in the provision of information assurance (IA) support for certification and accreditation (C&A), DIACAP or RMF accreditation package and artifact generation, requirements analysis, security test and evaluation (ST&E) plans and execution, risk assessments, systems analysis and hardening, incident response and policy analysis, trusted product evaluations, IA program assessments, and security posture presentations. Provide analytical support for the development and submission of C&A documentation in compliance with the DIACAP or RMF requirements. Apply knowledge of technology, analyze the security implications of systems and applications security, and provide recommendations to decision-makers and engineers. Provide experience-based advice and assistance to facilitate C&A efforts.

Please provide the following information
Current Salary:
Salary Expectation:
Full Name:
Contact No:
Best time to call you:
Email address:
Current Location:
Relocation:
Availability:
Visa status:
Clearance:

Thanks & Regards,

Terry Dean
Sr. Technical Recruiter- Federal
E-Talent Network

8(a) / SDB | CMMI level 3 Certified
Direct: 703-687-6627 Ext.384
Email: terryd@etalentnetwork.com

information assurance engineer maryland Aberdeen

April 16, 2019 by Leave a Comment

check me out on:
https://securitycompliance.thinkific.com

the Job:
Job Title: Information Assurance Engineer
Location: Aberdeen, MD
Position Type: Full Time

Clearance: Minimum Interim Secret

Must Have IAT Level 3 Certification.

Job Description:
Provides security engineering designs and implementation in all aspects of Information Assurance and Information Security (InfoSec) Engineering.
Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures;
verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance.
Mandatory Skills:
Demonstrated experience performing IA activities in support of software and system requirements, design, development, testing and sustainment
Experience with employment of IA requirements, policies, and processes to include authorization and accreditation as part of the RMF process
Experience with risk and vulnerability assessments and mitigation
Demonstrated ability to provide guidance on Intelligence Community (IC) Cyber/IA regulations and requirements to senior customers, senior LM leaders, and the program engineering staff
Experience with Security Information and Event Management (SIEM) correlation tools, Scanning (Nessus), and Host Based
Security System (HBSS)
Please provide the following information
Rate Expectation:
Full Name:
Contact No:
Alternate contact (if any):
Email address:
Current Location:
Relocation:
Availability:
Visa status

Kindly share your detailed resume at zoeyw@etalentnetwork.com

If you are qualified and interested in making a change or know of a friend who might have the required qualifications, please call me ASAP at (877) 733-3555 Ext.267, even if we have spoken recently about a different position. If you do respond via e-mail please include a daytime phone number so I can reach you. In considering candidates, time is of the essence, so please respond ASAP. Thank you.

Sincerely yours,
ZoeyWest
E TalentNetwork

Home

8251 Greensboro Drive, Suite 250
McLeanVA
zoeyw@etalentnetwork.com
(877) 733-3555 Ext.267

Information System Security Officer DC

April 5, 2019 by Leave a Comment

checkout the courses:
http://securitycompliance.thinkific.com

****
Title: Information System Security Officer (#ISSO)
Location : Washington, DC
Duration : Full time

Active Clearance required.

Description:
The contractor shall assist the government in the assessment process for all new and legacy systems to determine the security requirements associated with each system. The contractor shall interact with both technical and non-technical personnel in order to conduct a comprehensive review of a system, network or application. This is a technical role requiring moderate to advanced knowledge of security engineering, the #ATO process, enterprise monitoring, and incident response. The contractor shall assist in building or refining the program to achieve the assessment process. The contractor shall work with various elements of the cybersecurity team to understand roles, missions and requirements in order to inform this process.

Minimum Qualifications and Experience
At least 3 years serving as an Information Systems Security Officer (ISSO) at a cleared facility.
Minimum of 5 years work experience in a computer science- or Information Assurance-related field.
At least one of the following certifications: Certified Information Systems Security Professional (#CISSP), Global Information Security Professional (#GISP), or the CompTIA Advanced Security Practitioner (#CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction #8570.1 IAM Level III proficiency.
Familiarity with the use and operation of security tools including Tenable. Nessus and/or SecurityCenter, IBM Guardium, Client Weblnspect, or like applications and Network Mapper (#NMAP).
A bachelor’s or advanced degree in Computer Science, Information Assurance, or Engineering is preferred.

Please provide the following information
Rate Expectation:
Full Name:
Contact No:
Alternate contact (if any):
Email address:
Current Location:
Relocation:
Availability:
Visa status

Kindly share your detailed resume at zoeyw@etalentnetwork.com

If you are qualified and interested in making a change or know of a friend who might have the required qualifications, please call me ASAP at (703) 261-7028 Ext.267, even if we have spoken recently about a different position. If you do respond via e-mail please include a daytime phone number so I can reach you. In considering candidates, time is of the essence, so please respond ASAP. Thank you.

Sincerely yours,
ZoeyWest
E TalentNetwork

Home

8251 Greensboro Drive, Suite 250
McLeanVA
zoeyw@etalentnetwork.com
(703) 261-7028 Ext.267

Information System Security Officer sunnyvale, CA

April 4, 2019 by Leave a Comment

check out my courses:
http://securitycompliance.thinkific.com

*****
the job in this video:
Job Title: Information Systems Security Officer
Location: Sunnyvale, CA
Duration: 6 Months (Possible extension)

Secret Clearance

Job Description:
Performs system and program auditing to ensure compliance to system security plan.
Conducts risk assessments and provides recommendations for secure implementation and compliance in accordance with government regulations and information assurance/cybersecurity guidelines. Creates, maintains and submits information system security documents and reports to regulatory agencies and leadership.
Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security documentation; assists with the implementation of security procedures; verifies information system security requirements; performs information system certification and accreditation planning, testing, assessing and liaison activities.
Familiar with information system security architectural documentation standards.
Able to apply information assurance / cyber security standards, directives, guidance and policies to an architectural/risk based framework.
Provide architectural / risk based analysis of information assurance / cyber security features and relate existing system to future needs and trends and requirements.

Skills Required
Windows client/server background. Some UNIX/LINUX technical experience, knowledge of OS security requirements and IS (Information Systems) auditing experience.
HBSS and SIPRNet experience required.

Experience Required
Previous ISSO and SIPRNet experience needed.

Education Required
Bachelor or equivalent work experience.

Please provide the following information
Rate Expectation:
Full Name:
Contact No:
Alternate contact (if any):
Email address:
Current Location:
Relocation:
Availability:
Visa status

Kindly share your detailed resume at zoeyw@etalentnetwork.com

Sincerely yours,
ZoeyWest
E TalentNetwork

Home

8251 Greensboro Drive, Suite 250
McLeanVA
zoeyw@etalentnetwork.com
(703) 261-7028 Ext.267