Risk Management Framework (RMF) SME

Posted:
11/5/2024, 3:42:39 AM

Location(s):
Hawaii, United States ⋅ Aiea, Hawaii, United States

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security

Workplace Type:
On-site

SMX is seeking an RMF Subject Matter Expert to support USINDOPACOM PEO-C4’s of programs. This position is onsite at Camp H.M. Smith Marine Corps Base in Hawaii.

This position requires a DoD Secret security clearance with the ability to obtain a TS/SCI which requires US citizenship.

Essential Duties & Responsibilities

  • Supports all phases of the Assessment and Authorization (A&A) processes defined by the Risk Management Framework (RMF) policy DoDI 851001
  • Provide Subject Matter Expertise in the areas of system and risk mitigations; make recommendations to the INDOPACOM CISO throughout the security life cycle of all authorized systems within the USINDOPACOMs Approving Official’s (AO) DoDIN Area of Responsibility (DAO)
  • Provide support to current and future authorizations including Memorandum of Agreement (MOA), Memorandum of Understanding (MOU), Interconnection Security Agreements (ISA), Partner Nation Connections, Defense Security Cybersecurity Authorization Working Group (DSAWG), and Information Security Risk Management Committee (ISRMC)
  • Assist with authority to connect process and provide subject matter expertise in all steps of the process
  • Support INDOPACOM Cybersecurity Division and meeting Federal Information Security Modernization Act (FISMA) requirements through tracking compliance, validation and reporting to higher Headquarters
  • Performs verification and validation of a system’s security controls and safeguards designed through the security engineering process
  • Provides support for vulnerability analysis based on intelligence reporting, compliance status, systems scan and other reporting tools
  • Coordinates and/or assists in the preparation of all cybersecurity related inspections, audits and assessments 
  • Conducts technical and procedural audits to validate the security posture of HQ USINDOPACOM, Subordinate Commands, Direct Reporting Units (DRUs) and Partners
  • Supports the cybersecurity Risk Management program by validating and/or assessing security controls, developing Risk Assessment Reports (RARs) and interfacing with system owners, Information System Security Managers (ISSMs) and Information System Security Officers (ISSOs)
  • Assists in the development, implementation, and tracking of the Cybersecurity Workforce and cybersecurity awareness programs

Required Skills & Experience

  • Five (5) to Ten (10) years of related experience in Cybersecurity, Information Assurance, RMF, eMASS, ISSE/ISSM, Assessment and Authorization (A&A) process
  • Active Secret clearance with the ability to obtain a TS/SCI clearance
  • BS or BA degree in Computer Science, Information Systems, Cybersecurity, or a related discipline OR associate degree and additional experience may be substituted for a Bachelor’s degree
  • Experience with IA vulnerability testing and related network and system test tools, (ie HBSS, EVSS, ACAS, STIGs, etc)
  • Three (3) years to (5) years of experience providing information assurance, engineering, or operational support to the DoD, including supporting information operations, cyber operations, system administration, and systems security
  • One (1) year of experience evaluating the cyber compliance of a system against current Risk Managed Framework (RMF) and DoD Cybersecurity policies
  • Experience interpreting cybersecurity advisories or tasking orders Ability to leverage diverse sources to gain a technical understanding of a vulnerability, exploitation, and potential impact
  • Meets DoD 8140 certification requirements, e.g. CASP, CISM, CISSP, etc.

Desired Skills & Experience

  • Experience with USINDOPACOM
  • Knowledgeable in DoD policies and NIST Publications
  • Intra-agency or joint command experience

 

Application Deadline:  November 25, 2024

#LI-AP1  #CJPOST 

 


The SMX salary determination process takes into account a number of factors, including but not limited to, geographic location, Federal Government contract labor categories, relevant prior work experience, specific skills, education and certifications. At SMX, one of our Core Values is to Invest in Our People so we offer a competitive mix of compensation, learning & development opportunities, and benefits. Some key components of our robust benefits include health insurance, paid leave, and retirement.

The proposed salary for this position is:
$147,000$220,000 USD

At SMX®, we are a team of technical and domain experts dedicated to enabling your mission. From priority national security initiatives for the DoD to highly assured and compliant solutions for healthcare, we understand that digital transformation is key to your future success.

We share your vision for the future and strive to accelerate your impact on the world. We bring both cutting edge technology and an expansive view of what’s possible to every engagement. Our delivery model and unique approaches harness our deep technical and domain knowledge, providing forward-looking insights and practical solutions to power secure mission acceleration.

SMX is committed to hiring and retaining a diverse workforce. All qualified candidates will receive consideration for employment without regard to disability status, protected veteran status, race, color, age, religion, national origin, citizenship, marital status, sex, sexual orientation, gender identity or expression, pregnancy or genetic information.  SMX is an Equal Opportunity/Affirmative Action employer including disability and veterans. 

Selected applicant will be subject to a background investigation.

SMX

Website: https://www.smxtech.com/

Headquarter Location: Hollywood, Maryland, United States

Employee Count: 1001-5000

Year Founded: 1995

IPO Status: Private

Industries: Analytics ⋅ Cloud Computing ⋅ Cloud Data Services ⋅ Cloud Security ⋅ Cyber Security ⋅ Information Technology ⋅ IT Management ⋅ Software