Job Listing Description

Cybersecurity Risk Management Framework SME 3 - C

Chipton-Ross is seeking 6 Cybersecurity Risk Management Framework SME 3's for openings in San Diego, CA or Sacramento, CA.

Primary responsibility is to perform tasks related to Assessment & Authorization (A&A) and cybersecurity under the Defense Health Agency (DHA) to obtain and maintain Authorizations to Operate (ATOs) for assigned DoD medical systems (i.e., applications, networks, devices). This position will be a part of a team developing recommended courses of action needed to transition current policies and procedures to the DHA RMF-approved processes.

Primary Responsibilities:
o Provide solutions to complex problems that require the regular use of expertise and creativity. Problems are broadly defined and solutions require the continuation of specialized theories and knowledge.
o Serve as Subject Matter Expert (SME) on one or more technologies/skills related to A&A activities.
o Conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs
o Actively participate in working group meetings to identify, plan, and execute strategies in response to emerging cybersecurity/RMF policies
o Attend and participate in regular A&A status meetings to facilitate progress and address potential issues of RMF system efforts
o Maintain awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes

Day-to-day tasks are contingent on related experience and assigned role, and may include the following:
o Develop, update, and/or review RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports
o Assess system compliance against NIST, DoD, and DHA security requirements to include the NIST 800-53 controls and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
o Produce evidence as necessary to support compliance status of NIST, DoD, and DHA security requirements
o Work with system administrators, engineers, and developers to create or update system/site policies, procedures, and process guides
o Coordinate with other system SMEs to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories
o Conduct regular vulnerability scans of information systems and assist in remediation tasks
o Submit weekly reports to DHA leadership regarding system/program status

o BS degree and six (6) years of experience with Cybersecurity / Information Technology, or twelve (12) years of hands-on experience with Cybersecurity / Information Technology and demonstrated efficiency and experience in one or more of the following areas:
o RMF package development, including POA&Ms (mitigation statements), Security Plans, Risk Assessments, system/site policies, procedures, and processes, architecture diagrams, and hardware and software inventories
o Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS)
o DISA STIGs/SRGs validation
o NIST 800-53 control validation
o Continuous Monitoring and Risk Scoring (CMRS)
o RMF policy development and strategy implementation
o BIOMED experience (former technician, physician, engineer, etc.) installing, testing, using, maintaining, designing, and/or modifying medical equipment and applications
o Demonstrated experience with Risk Management Framework (experience under DHA a plus)
o Excellent customer service and organization skills
o Excellent oral and written communication skills
o Familiarity with NIST publications
o Active DoD Secret security clearance
o DoD 8570-compliant (CompTIA Security+ certified)
o Ability to obtain OS certification or complete approved related training within 180 days of hire
o Ability to travel up to 25-35%

Additional Qualifications a Plus:
o Experience with eMASS
o Knowledge in one or more of the following technologies:
o Medical devices
o Windows
o Linux/Unix
o Network Devices
o Databases - MS SQL, Oracle
o VMWare - Virtualization

Accredited BS degree.


Applicants responding to this position will be subject to a government security investigation and must meet eligibility requirements by currently possessing the ability to view classified government information.

Job Number: 177650
Job Location: San Diego, CA
Rate: Up to $40.00 DOE
Duration: 6 Months
Input Date: 03/01/2019
Last Updated: 03/19/2019
Attention: Zachary Fasano
Address: 343 MAIN ST
City, State: EL SEGUNDO, CA 90245
Phone: 310/414-7800 X286
800 Phone: 800/927-9318
Fax Phone: 310/414-7808

Previous Listing       Next Listing
Back to Abbreviated Search Results
Back to Complete Search Results
Back to Advanced Job Search

Phone: (425) 806-5200
Fax: (425) 806-5585
ContractJobHunter is a service of:
C.E. Publications, Inc.
P.O. Box 3006, Bothell, WA 98041-3006, USA
The content of this website is Copyright 2019 C.E. Publications, Inc.