|
Job Description: Dynamo Technologies LLC is seeking a Cybersecurity Assessment & Authorization (A&A) Subject Matter Expert (SME) to support the Defense Logistics Agency (DLA) Technology Foundation Services (TFS) Vulnerability Management Program. The selected candidate will provide Risk Management Framework (RMF), Assessment and Authorization (A&A), compliance, audit, and cybersecurity documentation support to ensure enterprise systems maintain compliance with DoD cybersecurity requirements and authorization standards. Duties/ Responsibilities
- Support implementation of Assessment and Authorization (A&A) controls for information technology systems.
- Ensure accurate, complete, and timely POA&Ms are developed to mitigate identified vulnerabilities.
- Provide support for information technology security surveys, studies, audits, and inspections.
- Assist with Security Test and Evaluation (ST&E) activities.
- Provide security advice and technical support for infrastructure design and cybersecurity controls.
- Validate Information Assurance (IA) controls for applicability and compliance.
- Perform software Information Assurance assessments.
- Update and maintain RMF documentation and supporting cybersecurity artifacts.
- Support development and maintenance of IAVM Plans.
- Support development and maintenance of System Identification Plans and RMF Implementation Plans.
- Support development and maintenance of SSAA documentation.
- Develop and maintain eMASS reports and supporting artifacts.
- Provide support for Cybersecurity Vulnerability Assessments (CVAs).
- Participate in CORAs, CVAs, OIG inspections, audits, and cybersecurity reviews.
- Conduct risk and vulnerability pre-assessments.
- Support validation of IA controls assigned to enclaves and applications.
- Apply RMF principles to cybersecurity control implementation activities.
- Develop lessons learned documentation and update methodologies, SOPs, and TTPs.
- Gather, consolidate, and maintain A&A and audit artifacts.
- Maintain repositories of cybersecurity documentation and supporting evidence.
- Provide Patch Management Plans and Technical Advice Memorandums.
- Develop interpretation and clarification reports regarding technical standards and vulnerabilities.
- Develop residual risk narratives for management review and decision-making.
Required Skills/Abilities
- Knowledge of Risk Management Framework (RMF).
- Knowledge of Assessment and Authorization (A&A) processes.
- Knowledge of Information Assurance (IA) controls.
- Experience supporting Security Test and Evaluation (ST&E) activities.
- Experience supporting audits, inspections, and cybersecurity assessments.
- Experience supporting eMASS documentation and reporting.
- Experience supporting Cybersecurity Vulnerability Assessments (CVAs) and Cyber Operational Readiness Assessments (CORAs).
- Ability to analyze cybersecurity risks and vulnerabilities.
- Strong technical writing and documentation skills.
Nice to Have Skills
- Experience supporting DLA cybersecurity programs.
- Experience supporting enterprise vulnerability management initiatives.
- Experience supporting NIPRNet and SIPRNet environments.
- Experience developing cybersecurity methodologies, SOPs, and TTPs.
- Experience maintaining large repositories of RMF and audit documentation.
Education and Experience:
- Minimum ten (10) years of relevant Risk Management Framework (RMF) and NIST Assessment & Authorization (A&A) experience.
- DoD 8570 / 8140 Baseline Certification.
Travel Requirement:
- Travel may be required in support of audits, inspections, assessments, and stakeholder coordination activities.
Clearance Requirement:
- Must possess a DoD Secret Clearance and be eligible for an IT-II Non-Critical Sensitive security clearance (Tier 3 (T3)) upon assignment.
Dynamo is a full lifecycle digital transformation company providing best-in-class technology and mission support services to our clients. Dynamo's mission is to lead the digital transformation industry and provide best-in-class solutions for our clients with a truly human touch. We leverage industry leading practices to empower our clients, ultimately providing them with the necessary tools, knowledge, and information required to successfully achieve their strategic goals, while optimizing their operations. Through our partnerships, boldness, and authenticity, Dynamo goes against the grain of a traditional government contracting company by providing top-caliber team members, delivering quality results, and always exceeding expectations. Dynamo Technologies is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, disability, protected veteran status, age, or any other characteristic protected by law.
|