Cybersecurity Assessment and Authorization SME

16 hours, 31 minutes ago
Full-time
Senior
Cybersecurity
Electrosoft

Electrosoft

Electrosoft is a leading provider of technology-based solutions and services, specializing in cybersecurity and information privacy. With a focus on thought leadership and innovation, Electrosoft has been serving Government and commercial customers sin...

Internet Software & Services
51-250
Founded 2001

Description

  • Serve as the Cybersecurity Assessment and Authorization SME for enterprise Risk Management Framework activities across information systems, cloud services, operational technology, Platform IT, FRCS, and hybrid environments.
  • Lead and support the full RMF lifecycle, including categorization, control selection, implementation, assessment, authorization, and continuous monitoring.
  • Develop, review, update, and maintain RMF documentation and authorization packages, including SSPs, SAPs, SARs, POA&Ms, PIAs, RAMs, AORA documentation, and related artifacts.
  • Assess and validate security controls in accordance with DoDI 8510.01, NIST SP 800-53, DLA guidance, and applicable Federal and DoD requirements.
  • Conduct security control assessments, vulnerability analyses, and compliance reviews to evaluate cybersecurity control effectiveness.
  • Support authorization decisions by identifying residual risk, evaluating compensating controls, and advising SCAs, AOs, and Government leadership.
  • Support implementation and validation of STIGs, SRGs, ACAS scans, IAVA compliance, vulnerability remediation, and continuous monitoring activities.
  • Use eMASS to manage authorization packages, track control implementation, document vulnerabilities, and maintain authorization status.
  • Coordinate remediation efforts with ISSMs, system owners, engineers, information owners, program managers, and Government stakeholders.
  • Prepare executive-level briefings, technical reports, dashboards, and risk assessments on authorization status and cybersecurity posture.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or a related technical discipline, or 4 additional years of directly related experience in place of the degree.
  • Minimum of 5 years of experience supporting A&A, C&A, or RMF activities within DoD or Federal environments.
  • Experience implementing and applying the DoD Risk Management Framework in accordance with DoDI 8510.01 and NIST SP 800-53.
  • Must meet DoD 8140 workforce qualification requirements, including IAM Level III or successor qualification, as required by the contract.
  • Must have a Secret clearance and be able to obtain or currently possess IT-II Non-Critical Sensitive security clearance or Tier 3 (T3).
  • Experience assessing security controls and supporting authorization activities for large, complex enterprise environments.
  • Experience developing and maintaining RMF documentation such as SSPs, SAPs, SARs, POA&Ms, continuous monitoring strategies, PIAs, and authorization packages.
  • Experience supporting security authorization for cloud hosted services, OT, PIT, FRCS, or similar enterprise technologies.
  • Experience using cybersecurity tools such as eMASS, ACAS, STIG Viewer, SCAP Compliance Checker, or comparable platforms.
  • Strong knowledge of vulnerability management, continuous monitoring, security control validation, cybersecurity compliance, and risk assessment methodologies.
  • Strong understanding of DoD cybersecurity policies, Federal cybersecurity regulations, NIST publications, and DLA cybersecurity guidance.
  • Excellent analytical, organizational, written, and verbal communication skills, including presenting technical information to technical and executive audiences.
  • Ability to collaborate effectively with Government customers, ISSMs, SCAs, program managers, engineers, and cross-functional cybersecurity teams.
  • Preferred: technical background with experience directing IT operations and systems architecture.
  • Preferred: previous Government or contractor experience with a government agency.
  • Preferred: undergraduate degree.

Benefits

  • Pay range of $115,000 to $125,000 USD.
  • Equal Opportunity Employer with Veterans and Disabled coverage.
  • Meaningful work supporting important federal cybersecurity missions.
  • Growth opportunities for employees.
  • Work-life balance.
  • Lunch and Learn sessions for professional idea-sharing and development.
  • Team-building and social activities, including escape rooms and miniature golf.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Purview Technical Consultant

Phoenix Software 251-1K IT Services

Phoenix is hiring a Technical Consultant to deliver Microsoft Cloud Security solutions for UK public sector customers, with a focus on designing and implementing Microsoft Purview-based services.

17 hours, 1 minute ago

SAP GRC (Governance, Risk, and Compliance) Consultant

Accenture 100K+ Professional Services

Accenture Federal Services is hiring an SAP GRC Consultant to support SAP Customer Activity Repository integrations for POS and e-commerce data across retail and financial environments.

1 day, 16 hours ago

Associate Director, Regulatory Risk, Compliance & Accreditation

Planned Parenthood 251-1K Health Care Providers & Services

Planned Parenthood Federation of America is hiring an Associate Director, Regulatory Risk, Compliance & Accreditation to oversee information security accreditation, PCI DSS compliance, and related risk management activities across its federation.

Encryption
1 day, 17 hours ago

RMF Process Lead (R-00177)

True Zero Technologies 11-50 Internet Software & Services

True Zero Technologies is hiring an RMF Process Lead to own and modernize federal Risk Management Framework workflows and support the transition to a new enterprise GRC or RMF platform.

3 days, 16 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers