Cybersecurity Policy & RMF Analyst

Concept Plus

$80K — $110K *
US-AnywhereRemote in United States
Aerospace & Defense
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • US Citizenship is mandatory.
  • Must possess an active DoD Secret Clearance or be able to obtain one.
  • Bachelor's Degree in an IT-related field is required.
  • Certification that meets DoD 8570 Information Assurance Technician (IAT) Level II or higher (e.g., Sec+ CE).
  • At least 3 years of experience with the Risk Management Framework process is necessary.
  • Minimum of 3 years of operational experience with the Enterprise Mission Assurance Support Service Application (eMASS).

Responsibilities

  • Adhere to DoD cybersecurity policies and frameworks, ensuring compliance.
  • Monitor and manage risks, documenting actions in a risk registry.
  • Provide industry best practice recommendations to mitigate or remediate risks.
  • Conduct RMF validations for IT portfolios, following up on progress.
  • Review security controls to support Authorization to Operate (ATO) assessments.
  • Identify risks related to vulnerabilities and their potential impacts.
  • Coordinate and develop recovery plans for business-critical services post-digital incidents.
  • Facilitate the creation of asset inventories, including those related to cloud technology.
  • Track and report the status of vulnerabilities and ensure all plans of action are current.

Benefits

  • Access to continuing education and professional development opportunities.
  • Flexible working hours and a supportive work environment.
  • Opportunity to work on cutting-edge cybersecurity initiatives.
  • Collaborative team culture focused on shared success.
  • Health and wellness programs to support your well-being.
Full Job Description
About the role

Concept Plus is seeking a Cybersecurity Policy and RMF Analyst to provide Risk Management Support to identify shortfalls in the assessment and authorization process, track and manage Risk Assessments, assist in implementing a Risk Management strategy and tie together the business continuity of operations plan (COOP) and the IT COOP plans.

What you'll do

  • Adhere to the DoD cybersecurity policy requirements set forth in DoDI 8500.01, "Cybersecurity," and DoDI 8510.01, "Risk Management Framework (RMF) for DoD Information Technology (IT)" and their successors.
  • Monitor identified risks and track response actions to ensure they support the customer Risk Management Strategy and are properly documented in a risk registry.
  • Provide recommendations to business and IT leaders on best business practices followed in the industry to mitigate or remediate risks • Schedule, conduct, and track RMF validations for each IT Portfolio.
  • Review of security controls, as part of a risk assessment, as needed to support an Authorization to Operate (ATO) of an investment.
  • Review vulnerabilities and identify potential risks based on the type of vulnerability and the potential impact.
  • Identify actions needed to protect information flows to ensure adherence to legal and regulatory standards.
  • Coordinate the development of plans and procedures to ensure that business-critical services are recovered in the event of a digital risk event. • Facilitate and support the development of asset inventories, including digital assets in cloud. • Track all technology requests.
  • Track open vulnerabilities and provide a status on each open risk for each IT Portfolio / Investment. Ensure POAMs are current and reflects all known weaknesses.
  • Stay up-to-date with the latest Azure and FedRAMP regulatory changes and industry trends, advising teams on potential impacts and necessary adjustments.

Qualifications

  • US Citizenship
  • Active DoD Secret Clearance (or able to obtain
  • Bachelor's Degree in an IT related field
  • Meet DoD 8570 Information Assurance Technician (IAT) Level II or Higher (Sec+ CE or Higher)
  • 3+ Years Experience with the Risk Management Framework Process
  • 3+ Years Experience operating the Enterprise Mission Assurance Support Service Application (eMASS)

Similar Jobs

More Jobs at Concept Plus

More Aerospace & Defense Jobs

Find similar Cybersecurity Policy & RMF Analyst jobs: