Job Description
Insight Global is looking for a qualified Secret cleared Sr. Cybersecurity RMF Validator in Doral, FL to support of one of are large federal clients. Their day-to-day will include, but is not limited to:
· Conduct security assessments of system security plans to help ensure that plans provide security controls for information systems that meet stated security requirements.
· Conduct comprehensive assessments of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls.
· Ensure compliance of security configurations for IT systems and aid in providing clear and concise processes and procedures for the implementation and enforcement of system security configurations.
· Support the risk management process by helping to determine and assign risk impact ratings in accordance with Information Assurance standards guidelines and methodologies and by aiding in the development and maintenance of Plans of Action and Milestones (POA&Ms) for IT systems identified in the Risk Management Framework (RMF) process and annual security assessments of IT systems.
· Provide assessments of the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions to address identified vulnerabilities and prepare the security assessment reports containing the results and findings from system security assessments.
· Demonstrated knowledge and experience of IA / INFOSEC concepts and requirements: Firewall Policy, Ports & Protocols, Cybersecurity
· Knowledge of the DOD A&A process and standards RMF
· System / network vulnerability analysis
· Risk assessment and risk mitigation analysis
· Security Test and Evaluation (ST&E)
· Knowledge and experience of the Defense Information Systems Agency published Security Technical Information Guidance (STIG) requirements and implementation/compliance process.
· Knowledge of virtualization, networking, Windows and Linux Operating Systems, and storage and backup.
· Possess strong oral and technical writing skills.
· Possess extensive knowledge of the US Government Information Assurance Security Processes.
· Knowledge of Information Assurance policies and procedures, and processes are also desired
· Practical experience in Cybersecurity, Engineering, T&E or A&A
Required Skills & Experience
· Bachelors degree or equivalent years of experience
· 3+ years of practical computer security experience
· DoD information assurance policy experience
· Experience with developing and presenting technical information and presentations to non-technical audiences and clients
· Experience with RMF process and POA&M tracking and resolution
· Experience with NIST publications (e.g. DoD 8500 series, AR 25-2, AR 380-5, AR 380-40, FIPS)
· DoD 8570 Certification, including IAM-II (e.g. CAP, CASP, CISSP, GSLC, or CISM)
· Experience with the Enterprise Mission Assurance Support Service (eMASS)
Possesses an active DoD Secret security clearance and ability to obtain & maintain a TS/SCI
Nice to Have Skills & Experience
· Military Experience: experience with hardware and software design of tactical systems using components from the common criteria, UC APL, or NIST and FIPS validation program lists
CompTIA Security+, CAP, CISM, CISSP certifications
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.