Job Listing Description

Cybersecurity Risk Management Framework - Secret

PDS Tech, Inc. is seeking a Cybersecurity Risk Management Framework SME in North Charleston, SC.


  • Primary responsibility is to perform tasks related to Assessment & Authorization (A&A) and cybersecurity under the Defense Health Agency (DHA) to obtain and maintain Authorizations to Operate (ATOs) for assigned DoD medical systems (i.e., applications, networks, devices).
  • This position will be a part of a team developing recommended courses of action needed to transition current policies and procedures to the DHA RMF-approved processes. 

Primary Responsibilities:

  • Provide solutions to complex problems that require the regular use of expertise and creativity.
  • Problems are broadly defined and solutions require the continuation of specialized theories and knowledge.
  • Serve as Subject Matter Expert (SME) on one or more technologies/skills related to A&A activities. 
  • Conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs.
  • Actively participate in working group meetings to identify, plan, and execute strategies in response to emerging cybersecurity/RMF policies.
  • Attend and participate in regular A&A status meetings to facilitate progress and address potential issues of RMF system efforts.
  • Maintain awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes. 

Day-to-day tasks are contingent on related experience and assigned role, and may include the following:

  • Develop, update, and/or review RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports.
  • Assess system compliance against NIST, DoD, and DHA security requirements to include the NIST 800-53 controls and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs).
  • Produce evidence as necessary to support compliance status of NIST, DoD, and DHA security requirements.
  • Work with system administrators, engineers, and developers to create or update system/site policies, procedures, and process guides. 
  • Coordinate with other system SMEs to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories.
  • Conduct regular vulnerability scans of information systems and assist in remediation tasks. 
  • Submit weekly reports to DHA leadership regarding system/program status.

Minimum Qualifications:
  • BS degree and six (6) years of experience with Cybersecurity / Information Technology, or twelve (12) years of hands-on experience with Cybersecurity / Information Technology and demonstrated efficiency and experience in one or more of the following areas:

  1. RMF package development, including POA&Ms (mitigation statements), Security Plans, Risk Assessments, system/site policies, procedures, and processes, architecture diagrams, and hardware and software inventories
  2. Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS)
  3. DISA STIGs/SRGs validation
  4. NIST 800-53 control validation
  5. Continuous Monitoring and Risk Scoring (CMRS)
  6. RMF policy development and strategy implementation
  7. BIOMED experience (former technician, physician, engineer, etc.) installing, testing, using, maintaining, designing, and/or modifying medical equipment and applications

  • Demonstrated experience with Risk Management Framework (experience under DHA a plus).
  • Excellent customer service and organization skills.
  • Excellent oral and written communication skills.
  • Familiarity with NIST publications. 
  • Active DoD Secret security clearance.
  • DoD 8570-compliant (CompTIA Security+ certified).
  • Ability to obtain OS certification or complete approved related training within 180 days of hire.
  • Ability to travel up to 25-35% **Note: Position is remote-based; however, applicant must be located within the San Antonio, TX region and able to attend local meetings/events on site as needed.

Additional Qualifications a Plus:

  • Experience with eMASS.

Knowledge in one or more of the following technologies:

  • Medical devices.
  • Windows. 
  • Linux/Unix. 
  • Network Devices. 
  • Databases – MS SQL, Oracle. 
  • VMWare – Virtualization. 

Job Number: 1910099445
Job Location: Charleston, SC
Duration: 6 months
Input Date: 03/08/2019
Last Updated: 06/17/2019
Attention: Alex Lieberman
Address: 1839 S ALMA SCHOOL RD STE 250
City, State: MESA, AZ 85210
Phone: 480/929-9922
800 Phone: 800/657-0997
Fax Phone: 480/929-9779

Previous Listing       Next Listing
Back to Abbreviated Search Results
Back to Complete Search Results
Back to Advanced Job Search

Phone: (425) 806-5200
Fax: (425) 806-5585
ContractJobHunter is a service of:
C.E. Publications, Inc.
P.O. Box 3006, Bothell, WA 98041-3006, USA
The content of this website is Copyright 2019 C.E. Publications, Inc.