Information Assurance and RMF Training Specialist
5 - 7 years experience • IT Consulting/Services
Job Tracking ID: KTTS-17-133
We are looking for an enthusiastic instructor with 5+ years of hands-on experience in performing and/or participating in DoD and NIST Security Assessments, Privacy Assessments, Continuous Monitoring, and/or Authorization activities. The instructor will be teaching Cybersecurity courses on Risk Management Framework Transition, NIST Security Controls and Continuous Monitoring.
The major areas directed are:
· Curriculum development and updates in accordance with FISMA, NIST RMF, FedRAMP, and departmental requirements.
· Proficient in the use of the following standard industry tools such as ACAS, App Detective (now called DB Protect), Web Inspect, Wire Shark, ARC Sight and MS Office Suite.
· Teach RMF and other Cyber Professional Courses. Must understand the process and material at an in depth level and be able to clearly articulate and present it to a class of students.
· Participate in and lead compliance related discussions (this includes in-depth understanding of security control requirements)
· Skilled at performing vulnerability scanning, penetration testing, network device testing Patch Management and vulnerability remediation.
· Work with customers to resolve concerns and explain how compliance is achieved.
· Coordinate the day-to-day activities required to deliver a training class project on time and within budget.
· Attend and participate in regular project meetings; deliver succinct and accurate status updates.
· Understand privacy laws and regulations and how to apply them.
Experience and Skills:
• 5+ years of experience in performing and/or participating in DoD and NIST security assessments, continuous monitoring, and/or authorization activities.
• Must be able to obtain an active SECRET Security Clearance.
• Expert-level knowledge of FISMA, NIST/DoD RMF, and NIST SP 800-series publications.
• Experience using testing tools such as Nessus/ACAS, SCC, DISA STIGs / STIG Viewer, SCAP, Wire Shark, Flying Squirrel, etc.
• Privacy Experience.
• Exposure to Software Development Lifecycle (SDLC) and related terminology as it relates to Information Security/Information Assurance.
• Self-motivated and able to work in an independent manner or as part of a team.
• Able to write and talk about technical security issues in a clear, concise manner.
• Exceptional organizational and planning skills
• Previous experience teaching required.