Security / RMF Lead
New
E
Essnova Solutions, Inc.GovCon
United States, Eastern Time (ET)Full-TimeLead
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Experience
- 6+ years
Requirements
- Bachelor's degree in cybersecurity, information assurance, computer science, or a related field
- 6+ years of federal information security experience applying NIST RMF (NIST SP 800-37)
- Experience developing and maintaining SSPs, POA&Ms, and ATO packages for FIPS 199 Moderate or higher systems
- Experience using vulnerability scanning results to track remediation to closure
- Hands-on experience with federal security management tools (CSAM and eMASS)
- Working knowledge of NIST SP 800-53 Rev. 5 and NIST SP 800-53A
- Knowledge of FISMA 2014 reporting and OMB security directives
- Knowledge of Privacy Act and E-Government Act privacy provisions
- Active Tier 4 / High Risk / Public Trust Level 6+ clearance at proposal submission
Responsibilities
- Maintain System Security Plans (SSPs) as living documents for all NCHS systems.
- Manage Plan of Action & Milestones (POA&Ms) with quarterly progress reviews, closure evidence, and remediation tracking.
- Remediate vulnerabilities within mandated timelines and provide retesting evidence.
- Prepare Authorization to Operate (ATO) packages for Authorizing Official review.
- Conduct annual security assessments of key controls using CSAM or equivalent tools.
- Submit monthly authenticated vulnerability and application scan results.
- Coordinate with federal ISSOs/CISOs and security authorization officials.
- Support implementation of the Risk Management Framework (RMF), FISMA compliance, and OMB directives.
- Support PTA/PIA activities with privacy officials.
View Full Description & ApplyYou'll be redirected to the employer's site
