Cyber threats are a pervasive issue for global enterprises and government agencies. The constantly evolving nature of these threats can make understanding them seem daunting. To address this challenge, organizations need to break down complex threats into manageable plans of action.
Key Responsibilities
* Collaborate with enterprises and military leaders to identify cyber risks, understand policies, and develop mitigation strategies.
* Gather technical, environmental, and personnel details from subject matter experts and engineers to assess the threat landscape.
* Guide clients through plans of action via presentations, white papers, and milestones.
* Translate security concepts for clients to inform decision-making and secure their systems.
Requirements
* At least 4 years of experience with Navy Risk Management Framework (RMF), adhering to NAO and FAO requirements.
* Experience in roles such as Information Systems Security Manager (ISSM), Information Systems Security Officer (ISSO), RMF Support Analyst, or similar.
* Expertise in developing artifacts for Department of Defense (DoD) authorization, using Electronic Management of Administrative Records for Services (eMASS), interpreting Nessus reports, managing Plans of Action and Milestones (POA&Ms), and Navy compliance reports.
* Secret clearance and a Bachelor's degree.
* Certifications such as Cyber Government Risk Certification (CGRC)/Certified Authorization Professional (CAP), Certified Information Systems Security Professional (CASP+), Certified Cloud Security Professional (CCSP), or CompTIA Security+ preferred.
Preferred Qualifications
* Experience with Automated Continuous Audit Strategy (ACAS) setup and operation.
* Master's degree and Navy Qualified Validator Certification.
Additional Information
Applicants will undergo a security investigation and must meet eligibility for access to classified information. The role offers flexible work models, including remote and onsite options, and a comprehensive benefits package.