Jacobs is seeking a Deputy RMF/SCA Lead in Reston, VA.
• Serves in an advisory role by providing RMF/FISMA/FedRAMP guidance
• Leads the security control assessments (SCA) for a federal civilian client
• Provides leadership and oversight of more than ten (10) security control
• Leads the collection of system information, categorization of information
systems, selection, and tailoring of security controls in accordance with
• Provides support for client information systems, in accordance with client
Security Test & Authorization (ST&A) processes
• Leads Security Impact Analysis (SIA), Privacy Impact Analysis (PIA), and
Contingency Plan testing efforts
• Coordinates vulnerability scans and analyzes web, OS, and database scan
• Provides guidance for remediation of all ‘Critical’ and ‘High’ vulnerabilities
• Provides technical expertise and recommendations for updating and
improving client ST&A policies and procedures
• Oversees the management of POA&M monitoring, tracking, and reporting
• Provides POA&M remediation guidance to technical and non-technical
• Provides oversight for continuous monitoring activities for on-prem and
• 7+ years of technical experience in cybersecurity
• 5+ Experience with applying the NIST Risk Management Framework
• 3+ Experience with Federal Risk and Authorization Management Program
• Experience with NIST special publications (SPs) regarding the SA process,
including SP 800-53, SP 800-137, SP 800-171, and SP 800-37
• Experience with developing and managing continuous monitoring and
plans of action and milestones (POA&M)
• Experience with assessing systems and applications deployed in
on-premises and cloud environments following federal, healthcare industry, and
broader cybersecurity community guidelines and best practices
• Ability to articulate cybersecurity subject matter to audiences of varying
• Organized, self-starter, with the ability to effectively manage multiple tasks
simultaneously; coordinating and ensuring scheduled goals are met
• Able to communicate effectively through written and verbal means to
co-workers and senior leadership
• Certification Requirement, one or more of the following:
• Electronic Commerce Council Certified Ethical Hacker (ECC)
• GIAC Systems and Network Auditor (GSNA)
• ISC2 Certified Authorization Professional (CAP)
• ISC2 Certified Information System Security Professional (CISSP)
• ISACA Certified Information System Auditor (CISA)
• Certificate of Cloud Security Knowledge (CCSK)
• 4+ years of experience with certification and accreditation (C&A) or A&A
• 4+ years of experience as a security control assessor or validator preferred
Most work will be done at a desk or computer.
General Office environment. The work environment is fast-paced and sometimes involves extreme deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers.
Equipment & Machines:
General office equipment including PC/laptop, Fax, Copiers, Shredder, Printers, Telephone, and other miscellaneous office equipment.
Attendance is critical at all times. Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.
Other Essential Functions:
Must be able to communicate effectively both verbally and in writing.
Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.
Must be able to interface with individuals at all levels of the organization both verbally and in writing. Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously. Must work well under pressure to meet deadline requirements. Must be willing to travel as needed. Must take and pass a drug test and background check as well as a motor vehicle records check.
Primary Location: United States-Virginia-Reston-20351-VARE
Job Posting: Jul 8, 2020, 5:56:10 PM
Job: Information Technology
Job Type: Experienced
Job Classification: Full-Time Regular
11091 Sunset Hills Road Suite 777
Capabilities: Cyber Security