Risk Management Framework Specialist
5 days ago
Knowledge Management, Inc. (KMI) has the leadership and experience to deliver innovative technology, logistics and management solutions to meet real mission requirements. KMI is a Minority Business Enterprise (MBE) and Small Disadvantage Business (SDB) that specializes in Logistics, Warehouse Services, Distance Learning/Training, Enterprise Solutions, Financial Management Support, Program Management, Intelligence Analysis & Threat Assessment, and Data Analytics/Operations Research. Since 1998, our solutions and services have helped our clients improve performance, drive cost and operational effectives, and map technology needs for tomorrow's requirements.
Title: Risk Management Framework Specialist
Location: Suffolk, VA
# of open positions: 3
Contract duration: Multiple year contract
Start date: End of September
Shift: Monday - Friday 700 - 1600
Salary: Please provide your salary requirement
Clearance: TS/SCI
This position has been designated as a Cyber IT/Cybersecurity Workforce position in Specialty Area 74 and as a condition of employment incumbents of the position is required to comply with the DON Cyber IT/CSWF Program requirements of SECNAV M-5239.2. This position will provide project management, detailed subject matter expertise, and expert guidance to government personnel in the execution of Command-wide Cybersecurity. Managing cybersecurity, certification and accreditation and configuration change boards of all NCDOC Classified and Unclassified networks.
QUALIFICATIONS REQUIRED:
- Certified Information Systems Security Professional (CISSP) certification
- 1-3 years of experience with Assured Compliance Assessment System (ACAS) and/or Nessus.
- 5-10 years Certification and Accreditation (C&A) package assembly experience
- Risk Management Framework (RMF) training and certification is desired
- Prior appointment as a Fully Qualified Navy Validator is preferred (experience with DOD validation will be considered on a case-by-case basis)
QUALIFICATIONS DESIRED:
- Bachelor's Degree - Information Technology Field of Study
- CompTIA Security+
- Certified Ethical Hacker
REQUIRED DUTIES:
- Creates, reviews, updates, and validate Cybersecurity Standard Operations Procedures (SOPs) as required.
- Reviews and maintains an inventory of authorized software (software custodian)
- Reviews and maintains an inventory of devices and media
- Audits and validates configurations deployed on laptops, workstations, and servers
- Audits and validates configurations of network devices based on DISA STIGs, or defining and implementing compensating controls of such STIGs as required to ensure mission execution.
- Maintain and update all Risk Management Framework (RMF) and C&A documentation to ensure the relevancy and currency of Navy Red Team assets to include required revisions and updates in eMass.
- Conduct comprehensive annual RMF package reviews to ensure continued compliance of the Navy Red Team tool suite and/or Networks.
- Ensure traceability is maintained throughout the RMF submission process (e.g.: C&A Plan, POAM, RAR, Topology, Software, Ports Protocols and Services, Test Plan).
- Maintain network and system documentation in DITPR-DON / DADMS.
- Maintain documentation and registration of Network Ports, Protocols, and Services.
- Maintain circuit registrations in Global Interconnection Approval Process System (GIAP) and Systems/Network Approval Process (SNAP).
- Maintain and report on the status of all outstanding C&A items and supporting documentation.
- As a member of the Configuration Control Board (CCB), ensures CCB approved changes are timely and accurately reflected in the C&A documentation.
- Support compliance validation of current and future directives (e.g.: IAVs, STIGs, CTOs).
- Provide recommendations for corrective action of any non-compliant security controls.
- Execute DISA STIG validations for systems in conjunction with C&A package reviews annually.
- Provide security expertise to ensure security controls are implemented and the resulting documentation and artifacts are current.
- Prepare reports on scanning results and configuration management observations monthly.
- Document assessment activities and results in sufficient detail to enable external review of all assessment processes, activities, results, and conclusions.
- Conduct and document a semi-annual table top exercise (two times) each calendar year.
- Produce test plans, draft after actions and other documents for review and comment.
- Review and/or revise Business Impact Analysis (BIA) to include business process, IT dependency, and physical security assessments annually.
- Review and analyze IT contingency / disaster recovery plans for NIST and DoN Compliance and produce checklists for IT systems.
- Assist with exercise and/or training and documentation of IT contingency plan and execution.
Equal Employment Opportunity Statement. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
E-Verify Statement. Knowledge Management, Inc. participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, KMI is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the Form I-9.
Pay Transparency Non-Discrimination Provision. Knowledge Management, Inc. will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
Disability Statement. Knowledge Management aims to be a supportive workplace in all aspects of diversity, including accommodating those with additional needs. If you have a disability and need reasonable accommodation or assistance at any point in the application or onboarding process, please email us at marie@knowledgemanagement.com.
-
Risk Management Framework Specialist
7 days ago
Suffolk, United States Knowledge Management, Inc. Full timeKnowledge Management, Inc. (KMI) has the leadership and experience to deliver innovative technology, logistics and management solutions to meet real mission requirements. KMI is a Minority Business Enterprise (MBE) and Small Disadvantage Business (SDB) that specializes in Logistics, Warehouse Services, Distance Learning/Training, Enterprise Solutions,...
-
Technology Governance Specialist
1 month ago
Suffolk, United States Bank & Investment Group Full timePrimary Purpose: The primary role of the Technology Governance Specialist is to work with the Technology Governance Officer in shaping the framework of Technology Governance at TowneBank. They will lead the yearly review of existing Technology Department Documentation. Work with document owners to verify information contained in the documents are still...
-
Technology Governance Specialist
3 weeks ago
Suffolk, United States Bank & Investment Group Full timePrimary Purpose: The primary role of the Technology Governance Specialist is to work with the Technology Governance Officer in shaping the framework of Technology Governance at TowneBank. They will lead the yearly review of existing Technology Department Documentation. Work with document owners to verify information contained in the documents are still...
-
Cyber Security Specialist
1 week ago
Suffolk, United States Nexagen Networks Inc Full timeJob DescriptionJob DescriptionCertification Requirement: CSWF IAM Lvl 2 (CASP,CISSP..etc), Cloud Foundations cert (i.e.AWS, Azure, CompTIA), ITILv3 or later foundations certification.Qualifications listed on Contract (Copy and Paste from the Contract):A minimum of ten (10) years of work experience in the area of providing security services including...
-
Cyber Security Specialist
3 weeks ago
Suffolk, United States Nexagen Networks Inc Full timeJob DescriptionJob DescriptionCertification Requirement: CSWF IAM Lvl 2 (CASP,CISSP..etc), Cloud Foundations cert (i.e.AWS, Azure, CompTIA), ITILv3 or later foundations certification.Qualifications listed on Contract (Copy and Paste from the Contract):A minimum of ten (10) years of work experience in the area of providing security services including...
-
Injury Prevention Specialist
2 months ago
Suffolk, United States Amazon.com Services LLC Full timeOne focus area of the Amazon Workplace Health & Safety (WHS) mission is to provide tools, resources, and environments that support safe, efficient, healthy behaviors and encourage employees to proactively manage their health and wellbeing. To support this focus area, Amazon is seeking an experienced and innovative Injury Prevention Specialist to join our...
-
Personnel Security Specialist
1 month ago
Suffolk, United States Cherokee Nation Businesses Full timeJob DescriptionSr. Management Analyst Personnel Security This position requires an active Top Secret clearance. Cherokee Nation Strategic Programs (CNSP) is seeking a Sr. Management Analyst to support the efforts at the Joint Staff Security Office - Hampton Roads in support of Joint Staff Security Office Operations and Activities. The JSSO-HR supports an...
-
Senior Cybersecurity Analyst
3 days ago
Suffolk, United States Gray Tier Technologies LLC Full timeGray Tier Technologies is looking for a Senior Cybersecurity Analyst (CSA) or ISSE with RMF expertise to join our team in Suffolk, VA. The Senior CSA must be local to the Tidewater region. **TS/SCI Required** RESPONSIBILITIES: Plan and implement safety measures by collecting information about security incidents and outcomes. Understanding of various...
-
Suffolk, United States Tetrad Digital Integrity Full timeTetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age. We are now seeking a part-time, TS/SCI cleared, Senior Cybersecurity Analyst (CSA) or ISSE to join our team in Suffolk, VA, with RMF expertise. The Senior CSA will work...
-
Suffolk, United States Tetrad Digital Integrity LLC Full timeJob DescriptionJob DescriptionTetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age.We are now seeking a part-time, TS/SCI cleared, Senior Cybersecurity Analyst (CSA) or ISSE to join our team in Suffolk, VA, with RMF expertise....
-
Suffolk, United States Tetrad Digital Integrity LLC Full timeJob DescriptionJob DescriptionTetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age.We are now seeking a part-time, TS/SCI cleared, Senior Cybersecurity Analyst (CSA) or ISSE to join our team in Suffolk, VA, with RMF expertise....
-
IT Specialist
3 days ago
Suffolk, United States US United States Fleet Forces Command Full time**Duties**: - You will serve as an IT Specialist (INFOSEC) in the Identity and Access Management Division (CYBER3), Cyber Security Department (CYBER), at Naval Network Warfare Command (NAVNETWARCOM). - You will serve as the Cybersecurity Assurance Investigation Officer (CSIO) with oversight of Navy Operational Information Assurance (IA) Investigation...
-
NC3/Space Senior Cybersecurity Analyst
3 weeks ago
Suffolk, United States HazeGrayCyber Full timeJob DescriptionJob DescriptionHazeGrayCyber, LLC is focused on delivering Cyber Security and Zero Trust Solutions to the US National Defense community and our allies and partners. We are looking for a full-time Nuclear Command, Control, and Communications (NC3)/Space Senior Cybersecurity Analyst or Information Security Systems Engineer (ISSE) that has...
-
Event Specialist
2 weeks ago
Suffolk, United States Believers Church Full timeHub 757 is looking to hire an additional Event Specialist to join our team. Event Specialists are the face of Hub 757 caring for clients, vendors, and guests during each event. During a shift an Event Specialist will greet all who enter the venue and ensure guests are informed of the space and location of the event. Through the duration of the event the...
-
Event Specialist
4 weeks ago
Suffolk, United States Believers Church Full timeJob Description Job Description Salary: $15 hourly Hub 757 is looking to hire an additional Event Specialist to join our team. Event Specialists are the face of Hub 757 caring for clients, vendors, and guests during each event. During a shift an Event Specialist will greet all who enter the venue and ensure guests are informed of the space and location of...
-
Event Specialist
2 weeks ago
Suffolk, United States Believers Church Full timeJob Description Job Description Salary: $15 hourly Hub 757 is looking to hire an additional Event Specialist to join our team. Event Specialists are the face of Hub 757 caring for clients, vendors, and guests during each event. During a shift an Event Specialist will greet all who enter the venue and ensure guests are informed of the space and location of...
-
Event Specialist
3 weeks ago
Suffolk, United States Believers Church Full timeJob DescriptionJob DescriptionSalary: $15 hourlyHub 757 is looking to hire an additional Event Specialist to join our team. Event Specialists are the face of Hub 757 caring for clients, vendors, and guests during each event. During a shift an Event Specialist will greet all who enter the venue and ensure guests are informed of the space and location of the...
-
Event Specialist
4 weeks ago
Suffolk, United States Believers Church Full timeJob DescriptionJob DescriptionSalary: $15 hourlyHub 757 is looking to hire an additional Event Specialist to join our team. Event Specialists are the face of Hub 757 caring for clients, vendors, and guests during each event. During a shift an Event Specialist will greet all who enter the venue and ensure guests are informed of the space and location of the...
-
Event Specialist
4 weeks ago
Suffolk, United States Believers Church Full timeJob DescriptionJob DescriptionSalary: $15 hourlyHub 757 is looking to hire an additional Event Specialist to join our team. Event Specialists are the face of Hub 757 caring for clients, vendors, and guests during each event. During a shift an Event Specialist will greet all who enter the venue and ensure guests are informed of the space and location of the...
-
Warehouse Specialist
1 month ago
Suffolk, United States LRAssociatesLLC Full timeLR Associates, LLC is a Veteran owned federal government contractor providing facilities management and other services to various government customers. We support our customers with highly skilled personnel and provide customized solutions to accomplish the mission. We are looking for full-time Warehouse Specialists for our government customer in Suffolk,...
