Job Summary: 

• Implement RMF processes in eMass to manage risk and compliance.
• Create and update security documentation required for RMF and ATO processes.
• Design cybersecurity solutions to detect weaknesses, assess vulnerabilities, and enhance system security.
• Provide weekly updates to ACC regarding Command Cyber Readiness Inspection (CCRI) activities.
• Conduct training sessions on RMF lifecycle and eMass usage for team members.
• Manage software certifications for both newly acquired and expired systems.
• Prepare Authorization to Operate (ATO) packages for system accreditation.
• Perform ACAS and SCAP scans to assess vulnerabilities in systems.
• Apply Security Technical Implementation Guides (STIGs) to systems for compliance.
• Maintain documentation for user access controls in accordance with records management policies.
• Ensure all hardware, software, and firmware adhere to required STIGs and security configurations.

Skills on Resume: 

• RMF Implementation (Hard Skills)
• Security Documentation (Hard Skills)
• Cybersecurity Solutions (Hard Skills)
• CCRI Reporting (Hard Skills)
• RMF Training (Soft Skills)
• Software Certification (Hard Skills)
• ATO Preparation (Hard Skills)
• Vulnerability Scanning (Hard Skills)

Job Summary: 

• Develop and implement plans and goals in the realm of cybersecurity.
• Coordinate and communicate with multiple ISSOs to ensure compliance with regulations and internal policies.
• Maintain scheduling of events, meetings, and briefings, and represent the cybersecurity team.
• Foster and maintain a positive cybersecurity culture that embraces proactive communication and security with employees, subcontractors, and stakeholders.
• Support, communicate, reinforce, and defend the cybersecurity mission, values, and culture of the organization.
• Coordinate Change and Control Boards, document meeting minutes, and track subsequent tasks.
• Provide feedback and approve all changes from the cybersecurity perspective.
• Assist with the management of Authorization and Assessment processes for multiple Authorities to Operate across multiple sites.
• Evaluate changes or additions to the IS within the facility, determine security relevance, and make recommendations for approval or denial.
• Assist the Facility Security Officer (FSO) with periodic inventories.
• Manage all personnel involved with cybersecurity at the facility.
• Collaborate with government security personnel on issues and concerns, maintain communication on the state of security at each site, share lessons learned, and apply common solutions.

Skills on Resume: 

• Cybersecurity Planning (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Team Coordination (Soft Skills)
• Cybersecurity Culture (Soft Skills)
• Mission Support (Soft Skills)
• Change Management (Hard Skills)
• Risk Evaluation (Hard Skills)
• Personnel Management (Soft Skills)

Job Summary: 

• Prepare and conduct security briefings, security program self-assessments, threat/vulnerability assessments, security audits, and perform records management for associated documentation.
• Perform records management for classified activities such as document accountability, security clearances, classified meetings, and classified visits.
• Liaise with customer and subcontractor security offices on security-related questions.
• Investigate security violations and prepare reports specifying preventive action to be taken.
• Transmit and receive classified materials via mail or classified network.
• Analyze RFPs, contracts, and develop security responses and plans for compliance.
• Perform as COMSEC Account Custodian for keying material associated with STE and TACLANE.
• Develop, implement, enforce, and maintain an Information System (IS) Security Program.
• Obtain and maintain system certification/accreditation.
• Coordinate and support all internal and external information system audits and reviews.
• Coordinate with production managers when performing hardware/software changes to minimize impact on production.
• Ensure IS user training, clearance levels, special briefings, and need-to-know prior to providing IS access.

Skills on Resume: 

• Security Assessments (Hard Skills)
• Records Management (Hard Skills)
• Security Liaison (Soft Skills)
• Incident Investigation (Hard Skills)
• Classified Material Handling (Hard Skills)
• Compliance Planning (Hard Skills)
• COMSEC Management (Hard Skills)
• IS Security Program (Hard Skills)

Job Summary: 

• Identify, install, test, and verify OS- and software-level patches and STIGs according to cybersecurity standards.
• Administer and manage Information Assurance (IA) and Cybersecurity across multiple systems.
• Develop and oversee IA and cybersecurity procedures in compliance with DoD policies.
• Maintain network security and ensure compliance with DIACAP and RMF standards.
• Evaluate hardware and software components, including peripherals and output devices.
• Contribute to the creation and enforcement of network procedures and operational standards.
• Develop and execute testing strategies, thoroughly documenting test results.
• Troubleshoot and resolve complex technical issues that arise within systems.
• Implement technical security controls to support effective system hardening.
• Stay updated on the latest developments in assigned hardware and software technologies.

Skills on Resume: 

• Patch Management (Hard Skills)
• Cybersecurity Administration (Hard Skills)
• Policy Compliance (Hard Skills)
• Network Security (Hard Skills)
• System Evaluation (Hard Skills)
• Procedure Development (Hard Skills)
• Testing Strategies (Hard Skills)
• Technical Troubleshooting (Hard Skills)

Job Summary: 

• Work with the IT/Security staff and Facility Security Officer (FSO) to ensure the highest level of security.
• Maintain the Information Systems (IS) security program and policies for the assigned area of responsibility.
• Manage the oversight of operational IS security implementation policy and guidelines.
• Oversee and conduct periodic testing to evaluate the security posture of the IS.
• Ensure approved procedures are used for sanitizing and releasing system components and media.
• Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
• Oversee and assist with the maintenance and execution of the Information Security Continuous Monitoring (ISCM) plan.
• Ensure user activity monitoring data is analyzed, stored, and protected in accordance with policies and procedures.
• Ensure compliance with current Information Assurance (IA) policies, concepts, and measures when designing, procuring, adopting, and developing new IS.
• Manage and assist with data transfer responsibilities in the lab and in nearby government sites.
• Manage requests that involve system and area co-utilizations and joint use.
• Lead a team of ISSOs and Security Administrators through the RMF process and provide tasking to keep programs on schedule.

Skills on Resume: 

• Security Collaboration (Soft Skills)
• IS Security Management (Hard Skills)
• Policy Oversight (Hard Skills)
• Security Testing (Hard Skills)
• Media Sanitization (Hard Skills)
• Security Knowledge (Hard Skills)
• ISCM Oversight (Hard Skills)
• Team Leadership (Soft Skills)

Job Summary: 

• Provide Information Assurance engineering analysis.
• Design and support firewalls, routers, networks, and operating systems.
• Review vulnerability scans and web application scans using a variety of security tools.
• Perform duties related to Authorization and Accreditation (A&A) and the Risk Management Framework lifecycle.
• Review and assess ACAS scans.
• Support documentation initiatives related to System Security Plans, Risk Assessment Plans, Continuity of Operations Plans, Incident Response Plans, and Security Test and Evaluation (ST&E) standards.
• Witness system security testing on behalf of the government.
• Perform FISMA continuous monitoring-related activities.
• Conduct product evaluations, recommend, and implement products and services for network security.
• Audit system configurations and evaluate operational processes to ensure compliance with security directives and requirements.
• Review and recommend installation, modification, or replacement of hardware or software components and configuration changes that affect security.
• Enforce security directives, orders, standards, plans, and procedures at server sites.

Skills on Resume: 

• IA Engineering (Hard Skills)
• Network Security Design (Hard Skills)
• Vulnerability Analysis (Hard Skills)
• RMF Lifecycle (Hard Skills)
• ACAS Review (Hard Skills)
• Security Documentation (Hard Skills)
• Continuous Monitoring (Hard Skills)
• System Auditing (Hard Skills)

Job Summary: 

• Oversee implementation of secure network architectures, customer IS requirements, operational concepts, and security accreditation plans and procedures for assigned programs in compliance with applicable security manuals and assessment process requirements.
• Apply technical expertise and full knowledge of related disciplines by implementing technical solutions across various platforms.
• Prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, SCTM), including participation in system categorization.
• Provide oversight, guidance, and training for system administrators (SAs).
• Perform tasks related to compliance of Continuous Monitoring (ConMon) Plans (e.g., audit log review, security patching, software and hardware configuration management).
• Investigate security incidents, including data spills, data integrity incidents, and malicious code incidents.
• Support the Facility Security Officer in other security disciplines such as communications security (COMSEC), physical security, document control, classified visits, personnel security, and security education.
• Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional.
• Provide front-line technical support to users, as well as implement upgrades and new systems.
• Ensure system and data confidentiality, availability, and integrity.

Skills on Resume: 

• Secure Network Architecture (Hard Skills)
• Technical Solutions (Hard Skills)
• Authorization Documentation (Hard Skills)
• Administrator Training (Soft Skills)
• Continuous Monitoring (Hard Skills)
• Incident Investigation (Hard Skills)
• Security Support (Hard Skills)
• Technical Inspections (Hard Skills)

Job Summary: 

• Serve as the subject matter expert for all USG workstation and domain technical operations and compliance.
• Scale infrastructure by creatively implementing automated solutions.
• Collaborate with ISSMs, ISSOs, and FSOs to provide consistent solutions across all facilities.
• Create and manage user-facing guides, POA&Ms, SPPs, ATOs, and other relevant USG documentation.
• Integrate new hardware and software technologies into the USG infrastructure.
• Apply STIG/RMF policy knowledge and implementation, including validating compliance via ACAS and other relevant tests.
• Manage relationships with upstream vendors and sponsors.
• Provide and delete user accounts and perform general LDAP and Active Directory maintenance.
• Conduct ongoing security reviews and tests of the Information System to verify security features and operating controls remain functional and effective, maintaining continuous monitoring of program policies and procedures.
• Develop and implement all program IT Policies and IT Security Policies in accordance with corporate IT and IT Security policies.

Skills on Resume: 

• Operations Expertise (Hard Skills)
• Automation Solutions (Hard Skills)
• Facility Collaboration (Soft Skills)
• Documentation Management (Hard Skills)
• Tech Integration (Hard Skills)
• Compliance Validation (Hard Skills)
• Vendor Relations (Soft Skills)
• Directory Management (Hard Skills)

Job Summary: 

• Provide ISSM-related services and serve as primary technical advisor to government points of contact (POCs).
• Ensure cybersecurity processes, protocols, and guidance are integrated throughout the IT lifecycle in accordance with applicable directives.
• Ensure all IT cybersecurity-related documents are current and accessible to authorized individuals in accordance with established policies.
• Support the Program Manager or Information System Owner in maintaining current Authorization to Operate (ATO) and Approval to Connect, and in implementing corrective actions identified in the Plan of Action and Milestones (POA&M).
• Coordinate with government POCs for the development of an Information Security Continuous Monitoring (ISCM) strategy.
• Monitor proposed and actual changes to the system and its environment.
• Monitor the system for security-relevant events, assess proposed configuration changes for potential impact on the cybersecurity posture, and assess the quality of controls against established indicators.
• Report events, risks, and configuration changes to the Authorizing Official (AO) and other stakeholders.
• Ensure all privileged users comply with applicable manuals and directives.
• Implement and enforce all cybersecurity policies, procedures, and countermeasures.
• Validate that all users have the requisite clearance and need-to-know, track user cybersecurity training, and ensure users are aware of their responsibilities in accordance with policy.

Skills on Resume: 

• ISSM Services (Hard Skills)
• Cybersecurity Integration (Hard Skills)
• Document Management (Hard Skills)
• ATO Support (Hard Skills)
• ISCM Strategy (Hard Skills)
• Change Monitoring (Hard Skills)
• Risk Reporting (Hard Skills)
• Policy Enforcement (Hard Skills)

Job Summary: 

• Provide Information System Security Engineering technical execution of information security-related activities.
• Define security requirements and design solutions, provide guidance, and implement direction related to security technologies.
• Apply Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 controls to obtain and/or maintain Authority to Operate for information systems.
• Identify and implement security design, and prepare and maintain engineering and security-related documentation.
• Provide technical advice related to system security, vulnerabilities, security architecture, and security policies.
• Ensure the rigorous application of information security and information assurance policies and procedures.
• Provide practical working knowledge of technically diverse environments and oversight on vulnerability assessments.
• Define, negotiate, and execute Assessment and Authorization (A&A) events.
• Conduct cybersecurity audits and risk assessments to ensure appropriate implementation and compliance with the security posture.
• Generate and maintain information security documentation, including System Security Plans (SSPs) and related RMF artifacts.
• Schedule, perform, and maintain records of required information system auditing, patching, maintenance, software/hardware changes, and malware scanning based on evolving threats, vulnerabilities, and compliance requirements.

Skills on Resume: 

• Security Engineering (Hard Skills)
• Security Design (Hard Skills)
• RMF NIST Compliance (Hard Skills)
• Documentation Management (Hard Skills)
• Technical Advisory (Hard Skills)
• Policy Application (Hard Skills)
• Vulnerability Oversight (Hard Skills)
• Cybersecurity Auditing (Hard Skills)

Job Summary: 

• Manage the day-to-day operations of security tools, processes, and vendors responsible for providing perimeter, application, network, and cloud security, including Firewalls, Proxies, Antivirus, SIEM, Network Access Control, Email Gateway, IDS/IPS, DAST/SAST, Privileged Access Management, Data Loss Prevention, Penetration Testing, Vulnerability Management, and Disaster Recovery.
• Deploy, configure, and mature security tools and processes.
• Lead Incident Response activities, coordinating with internal and external technical teams and providing on-call support.
• Manage an internal technical team as well as an external SOC.
• Lead and coordinate the investigation and remediation of monitoring alerts.
• Drive and oversee the development of playbooks and standard operating procedures for incident response, security tools, and processes.
• Serve as the Subject Matter Expert for network security and security operations, and provide expertise and guidance to internal and external IT team members.
• Serve as the Project Manager for technical security operations projects, implementing new security technologies and maintaining existing technologies.
• Maintain a current understanding of the cybersecurity threat landscape.
• Identify and evaluate security gaps and translate them into functional specifications to reduce risk.
• Review alignment of security controls to policies, frameworks, and regulations, and provide roadmaps to meet compliance.
• Lead and deliver security operations reporting and metrics, including KPIs and KRIs.
• Execute tasks as a member of the Information Security team as assigned by management.

Skills on Resume: 

• Security Operations (Hard Skills)
• Tool Deployment (Hard Skills)
• Incident Response (Hard Skills)
• Team Management (Soft Skills)
• Alert Remediation (Hard Skills)
• Playbook Development (Hard Skills)
• Network Security (Hard Skills)
• Project Management (Soft Skills)

Job Summary: 

• Conduct Assessment and Authorization (A&A) and Certification and Accreditation (C&A) activities through the Risk Management Framework (RMF) for Defense Business Systems, Research, Development, Test and Evaluation (RDT&E), and Platform Information Technology (PIT) ISs and networks within enterprise mission assurance support services or its successor, in accordance with current policies.
• Conduct in-depth technical reviews of A&A and C&A documentation from program executive offices and field activities seeking authorization and/or accreditation from the Authorizing Official (AO) or Functional Authorizing Official (FAO) in accordance with appropriate policies and procedures.
• Develop recommendations for corrective actions and courses of action, including validating test procedures, artifacts, plans and procedures, compliance status, test results, reports, and supporting documentation.
• Assist program offices and field activities in preparing A&A and/or C&A documentation for submission to the AO/FAO.
• Schedule and facilitate collaboration meetings between the Security Controls Assessor (SCA), representatives, program offices, warfare centers, and engineering agents.
• Assist in executing cybersecurity assistance visits at activities with a focus on A&A and C&A efforts of the activity being assisted.
• Maintain the Information Technology Portfolio Repository database to record the present status of all IT systems.
• Assist project managers, warfare centers, and engineering agents in the implementation and execution of cybersecurity directives and policies.
• Provide required reports, including weekly metrics regarding A&A packages, risk metrics, and data calls.

Skills on Resume: 

• A&A C&A Execution (Hard Skills)
• Documentation Review (Hard Skills)
• Corrective Actions (Hard Skills)
• Documentation Support (Hard Skills)
• Collaboration Meetings (Soft Skills)
• Cybersecurity Assistance (Hard Skills)
• Portfolio Management (Hard Skills)
• Reporting Metrics (Hard Skills)

Job Summary: 

• Establish, document, and monitor security programs while overseeing implementation plans and ensuring compliance with management policies.
• Serve as the authorizing officer for all cybersecurity issues.
• Conduct periodic scans to verify networks and systems are appropriately baselined with tested and approved system and application patches, hotfixes, and updates.
• Continually evaluate the security posture of all networks and systems and recommend implementation of new security controls as threats and vulnerabilities are discovered.
• Create, log, and control all customer requests and transactions for data transfers between systems (e.g., compact disks, high-capacity media, scanned documents).
• Ensure periodic activities are completed, including data backups, account management (deactivation of unused accounts and validation of user access rights), and participation in the Systems Development Life Cycle (SDLC).
• Evaluate new software and hardware products for potential security flaws and risks.
• Periodically review and analyze audit logs for system deficiencies and anomalies using audit reduction tools.
• Prepare, update, and maintain RMF documentation, including Authorization to Operate (ATO) packages, System Security Plans (SSPs), Risk Assessment Reports (RARs), Security Control Traceability Matrices (SCTMs), and Plans of Action and Milestones (POA&Ms) for all networks and systems.
• Provide Configuration Management (CM) for IS security software, hardware, and firmware, and coordinate changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).
• Work closely with Security Control Assessors to determine the effectiveness of current security controls and develop a path forward to implement future security controls where weaknesses may exist.

Skills on Resume: 

• Program Management (Hard Skills)
• Authorization Oversight (Hard Skills)
• Patch Management (Hard Skills)
• Security Evaluation (Hard Skills)
• Data Control (Hard Skills)
• Account Oversight (Hard Skills)
• Product Review (Hard Skills)
• Audit Review (Hard Skills)

Job Summary: 

• Ensure the integration of cybersecurity into, and throughout, the lifecycle of IT on behalf of the Authorizing Official (AO) and in accordance with applicable directives.
• Ensure all IT cybersecurity-related documentation is current and accessible to properly authorized individuals in accordance with established policies.
• Support the Program Manager (PM) or Information System Owner (ISO) in maintaining current Authorization to Operate (ATO) and Approval to Connect, and in implementing corrective actions identified in the Plan of Action and Milestones (POA&M).
• Coordinate with the PM and AO staff for the development of an Information Security Continuous Monitoring (ISCM) strategy, and monitor any proposed or actual changes to the system and its environment.
• Continuously monitor the IT and environment for security-relevant events, assess proposed configuration changes for potential impact on the cybersecurity posture, and assess the quality of security controls implementation against performance indicators.
• Ensure cybersecurity-related events or configuration changes that impact IT authorization or adversely affect the security posture are formally reported to the AO and other affected parties.
• Ensure all privileged users comply with applicable directives and maintain proper clearances in accordance with policy.
• Implement and enforce all cybersecurity policies, procedures, and countermeasures.
• Validate that all users have the requisite security clearances and need-to-know, complete annual cybersecurity training, and are aware of their responsibilities before being granted access to IT.
• Maintain all authorized user access control documentation in accordance with records information management requirements.
• Ensure software, hardware, and firmware comply with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides and Security Requirements Guides).
• Ensure proper configuration management procedures are followed before implementation and contingent upon necessary approval by the government.

Skills on Resume: 

• Cybersecurity Integration (Hard Skills)
• Documentation Management (Hard Skills)
• ATO Support (Hard Skills)
• ISCM Strategy (Hard Skills)
• Security Monitoring (Hard Skills)
• Event Reporting (Hard Skills)
• Policy Enforcement (Hard Skills)
• Access Validation (Hard Skills)

Job Summary: 

• Oversee Information Assurance and Risk Management Framework processes and perform duties as ISSM for the 363 ISRW.
• Ensure other IT support personnel monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks.
• Communicate with internal and client project team members.
• Work to implement solution designs and/or processes in hardware, software, data, and procedures.
• Coordinate with personnel on system security compliance and Information System Authority to Operate.
• Ensure configuration management policies and procedures for authorizing the use of hardware/software on an IS are followed.
• Coordinate Information Security Reviews, Security Inspections, and Tests.
• Assess system security threats/risks, and validate system security requirements definitions and analysis.
• Assist with the assessment and authorization process.
• Track and validate security incidents and investigate, document, report, and provide future protective and corrective measures in response to such incidents.
• Ensure proper measures are taken when an incident or vulnerability is discovered.
• Lead leadership briefings on system security compliance and Information System Authority to Operate (ATO) compliance, expiration, and actions.
• Implement the Risk Management Framework (RMF) methodology to successfully implement an information technology process that effectively protects the element's information assets and its ability to perform its mission.
• Populate and maintain RFM databases (XACTA, eMass) with bodies of evidence to support system accreditation actions.
• Collaborate with Program Managers, AF Intelligence Community Information Assurance Program Managers, ISSOs, and configuration managers to maintain an effective risk assessment process.
• Ensure data stewardship (confidentiality, integrity, and availability) is established for each IS, and specific requirements are enforced.

Skills on Resume: 

• IA RMF Oversight (Hard Skills)
• Vulnerability Monitoring (Hard Skills)
• Team Communication (Soft Skills)
• Solution Implementation (Hard Skills)
• ATO Coordination (Hard Skills)
• Configuration Management (Hard Skills)
• Security Reviews (Hard Skills)
• Threat Assessment (Hard Skills)

Job Summary: 

• Develop and administer users’ security briefings to ensure all users are aware of the requirements for the IS.
• Provide advice, guidance, and assistance to senior management, program managers, system users, and custodians on IS security matters.
• Schedule, conduct, and administer security tests and evaluation programs to ensure that all applicable IS are operating in accordance with security requirements.
• Maintain a configuration management system to track and control all components of IS used in support of classified programs.
• Identify, evaluate, and document all IS and other equipment to ensure compliance with red/black engineering and emanations security requirements.
• Perform audits of all IS, investigate anomalies, and record and report findings.
• Coordinate and/or conduct detailed inquiries, assess potential damage, and develop, document, implement, and monitor corrective action plans.
• Perform data spill containment and clean-up per customer direction.
• Perform self-inspections as required by government regulations and participate in customer audits and inspections.
• Research software and hardware to be used on classified systems and coordinate the use as required by regulations.

Skills on Resume: 

• User Briefings (Hard Skills)
• Security Guidance (Soft Skills)
• Security Testing (Hard Skills)
• Configuration Management (Hard Skills)
• Compliance Evaluation (Hard Skills)
• System Auditing (Hard Skills)
• Corrective Actions (Hard Skills)
• Data Spill Response (Hard Skills)

Job Summary: 

• Implement Continuous Monitoring (ConMon) for assigned systems.
• Work off the Plan of Action and Milestones (POA&M) list and keep the asset current through Step 6 of RMF.
• Analyze, interpret, and verify IS disaster recovery and contingency plans to assure the rapid recovery of IS in the event of an emergency or disaster.
• Perform other functions as designated or delegated by Security Management.
• Maintain a regular and predictable work schedule.
• Establish and maintain effective working relationships within the department and across organizational units.
• Interact appropriately with others to maintain a positive and productive work environment.
• Ensure configuration management is documented, including change tracking and maintenance logs.
• Serve as a voting member of the Configuration Control Board (CCB).
• Oversee assigned ISSOs to follow established IS policies and procedures.

Skills on Resume: 

• Continuous Monitoring (Hard Skills)
• POA&M Management (Hard Skills)
• Disaster Recovery (Hard Skills)
• Security Support (Hard Skills)
• Work Consistency (Soft Skills)
• Team Collaboration (Soft Skills)
• Configuration Management (Hard Skills)
• ISSO Oversight (Soft Skills)

Job Summary: 

• Integrate core competencies into daily functions, including commitment to integrity, knowledge and quality of work, supporting financial goals of the organization, initiative and motivation, etc.
• Develop Certification and Accreditation Program (C&A) documentation for assigned systems.
• Utilize Certification and Accreditation or Risk Management Framework (RMF) process requirements.
• Work under the coordination and guidance of the Designated Accreditation Authority (DAA).
• Coordinate activities with the lead IAM, Program Manager, and lead engineer.
• Complete system-level risk assessments of all existing documentation to identify gaps in Information Assurance objectives and security compliance.
• Update documentation to ensure compliance is maintained.
• Identify mandated DISA Security Technical Implementation Guides (STIGs) and NSA System Network and Attack Center (SNAC) Configuration Guides.
• Conduct security verification and validation testing.
• Report results and make recommendations.

Skills on Resume: 

• Core Competencies (Soft Skills)
• C&A Documentation (Hard Skills)
• RMF Process (Hard Skills)
• DAA Coordination (Soft Skills)
• Activity Coordination (Soft Skills)
• Risk Assessment (Hard Skills)
• Compliance Documentation (Hard Skills)
• Security Testing (Hard Skills)

Job Summary: 

• Support code scans using automated testing tools (e.g., Fortify, SonarQube, and AppScan).
• Identify and document the gap analysis between the security controls and the STIGs/SNAC for all system-level components.
• Provide re-certification and annual review requirements support for Initial Security Certifications.
• Provide quarterly updates to the Plan of Action and Milestones (POA&M) and assist with annual testing and evaluation of the Contingency Plan.
• Support updating and maintaining current system information or equivalent replacement.
• Pursue self-development by being available and receptive to any training provided by the organization.
• Plan daily activities within policy, job description, and supervisor’s instructions to maximize personal output.
• Keep the immediate work area neat and orderly.
• Report unsafe conditions and practices to the appropriate supervisor and human resources.
• Correct unsafe conditions immediately.

Skills on Resume: 

• Code Scanning (Hard Skills)
• Gap Analysis (Hard Skills)
• Certification Support (Hard Skills)
• POA&M Updates (Hard Skills)
• System Maintenance (Hard Skills)
• Self Development (Soft Skills)
• Task Planning (Soft Skills)
• Safety Compliance (Soft Skills)

Job Summary: 

• Responsible for the assigned government programs, Information Systems, and Risk Management, including sensitive and classified information.
• Work closely with and develop a strong relationship with the contractor company that manages the company network.
• Support information system life cycle activities, from rapidly establishing certified and accredited systems for classified proposals to scoping systems for new programs or program segments and preparing Risk Management Framework (RMF) packages.
• Ensure incidents are identified and responded to by establishing policies and procedures.
• Ensure regular maintenance, support, and upgrades of systems during program execution.
• Assist in program close-out and de-certification activities.
• Create security Assessment and Authorization documentation, such as System Security Plans (SSPs) and RMF packages, quickly to meet program needs.
• Create policies and procedures that incorporate Westinghouse requirements while meeting all government program requirements.
• Provide support to Westinghouse Government Services LLC (WGS) program personnel.
• Serve as Information Systems Security Manager (ISSM) for classified computers and Intelligence Community computing environments.
• Maintain day-to-day security posture and continuous monitoring of IS, including security event log review and analysis.

Skills on Resume: 

• Program Management (Hard Skills)
• Contractor Relations (Soft Skills)
• Lifecycle Support (Hard Skills)
• Incident Response (Hard Skills)
• System Maintenance (Hard Skills)
• Program Closeout (Hard Skills)
• Authorization Documentation (Hard Skills)
• Security Monitoring (Hard Skills)

Job Summary: 

• Ensure system security measures comply with applicable government policies, provide configuration management, and accurately assess the impact of modifications and vulnerabilities.
• Understand applicable NIST 800 controls, determine applicability to each system, and document implementation in the Security Controls Traceability Matrix (SCTM).
• Maintain appropriate operational Information Assurance (IA) posture for programs.
• Review technical inspections, as defined in the SSP and best practices, to verify implementation and functionality of system security features.
• Serve as ISSM for DoD Controlled Unclassified Information Systems (CUI, NOFORN, ITAR) to ensure compliance with DoDM 5200.01-V4 and applicable NIST standards.
• Establish and maintain positive working relationships with the Network Provider, Program Management, program personnel, government customers, program partners, subcontractors/vendors, and the security team.
• Review proposed changes to approved documentation or system setup with WGS Security, and obtain accrediting authority approval before implementation.
• Work with WGS Security to ensure maintenance, access, and compliance reviews are conducted.
• Collaborate with WGS Security to investigate and report security violations and incidents, ensuring reporting requirements are met on time through appropriate channels.
• Assist WesDyne corporate security leadership in conducting self-inspections in preparation for security audits.
• Prepare written reports of surveys and inspections, and respond to emergencies.

Skills on Resume: 

• Security Compliance (Hard Skills)
• NIST Controls (Hard Skills)
• IA Posture (Hard Skills)
• Technical Inspections (Hard Skills)
• ISSM Oversight (Hard Skills)
• Stakeholder Relations (Soft Skills)
• Change Review (Hard Skills)
• Incident Reporting (Hard Skills)

Job Summary: 

• Lead and manage the development, implementation, and continuous monitoring of information systems.
• Ensure compliance with cybersecurity policies, including Risk Management Framework (RMF) packages within eMASS and related documentation such as SSPs and POA&Ms.
• Maintain the overall security posture of systems through active monitoring and risk mitigation strategies while adhering to evolving cyber policies and standards.
• Develop and enforce security policies, procedures, and best practices to ensure consistent implementation across systems.
• Design and deliver a robust information security education and awareness program for all personnel within the area of responsibility.
• Ensure all new systems, upgrades, or procurements comply with cybersecurity principles, incorporating appropriate security safeguards and controls.
• Serve as the primary advisor for system security, providing guidance and direction to ISSOs and stakeholders during all lifecycle phases, including accreditation and disestablishment.
• Prepare and submit RMF artifacts to support system audits, assessments, and Authority to Operate (ATO) efforts.
• Support collateral security activities by identifying and remediating security vulnerabilities, managing documentation, and tracking approvals.
• Monitor system operations for adherence to defined security controls and implement continuous monitoring strategies.
• Troubleshoot and maintain Microsoft Windows-based systems, software environments, and hardware, including desktops, embedded systems, and test equipment.
• Provide technical leadership in maintaining operational and cybersecurity readiness, coordinating across teams to ensure sustained compliance and resilience.

Skills on Resume: 

• System Management (Hard Skills)
• RMF Compliance (Hard Skills)
• Risk Mitigation (Hard Skills)
• Policy Enforcement (Hard Skills)
• Security Training (Soft Skills)
• Procurement Compliance (Hard Skills)
• Security Advisory (Soft Skills)
• System Auditing (Hard Skills)