Deputy RMF/SCA Lead - (CYB000083)

  • Jacobs
  • United States-Virginia-Reston-20351-VARE
  • Jul 13, 2020
Full time Construction

Job Description

Jacobs is seeking a Deputy RMF/SCA Lead in Reston, VA.
 
Job Description:
• Serves in an advisory role by providing RMF/FISMA/FedRAMP guidance and oversight
• Leads the security control assessments (SCA) for a federal civilian client
• Provides leadership and oversight of more than ten (10) security control assessment staff
• Leads the collection of system information, categorization of information systems, selection, and tailoring of security controls in accordance with NIST guidelines
• Provides support for client information systems, in accordance with client Security Test & Authorization (ST&A) processes
• Leads Security Impact Analysis (SIA), Privacy Impact Analysis (PIA), and Contingency Plan testing efforts
• Coordinates vulnerability scans and analyzes web, OS, and database scan results
• Provides guidance for remediation of all ‘Critical’ and ‘High’ vulnerabilities
• Provides technical expertise and recommendations for updating and improving client ST&A policies and procedures
• Oversees the management of POA&M monitoring, tracking, and reporting
• Provides POA&M remediation guidance to technical and non-technical stakeholders
• Provides oversight for continuous monitoring activities for on-prem and cloud-based systems
 
 
Qualifications:   
• 7+ years of technical experience in cybersecurity
• 5+ Experience with applying the NIST Risk Management Framework (RMF)
• 3+ Experience with Federal Risk and Authorization Management Program (FedRAMP)
• Experience with NIST special publications (SPs) regarding the SA process, including SP 800-53, SP 800-137, SP 800-171, and SP 800-37
• Experience with developing and managing continuous monitoring and plans of action and milestones (POA&M)
• Experience with assessing systems and applications deployed in on-premises and cloud environments following federal, healthcare industry, and broader cybersecurity community guidelines and best practices
• Ability to articulate cybersecurity subject matter to audiences of varying technical acumen
• Organized self-starter with the ability to effectively manage multiple tasks simultaneously, coordinating and ensuring scheduled goals are met
• Able to communicate effectively through written and verbal means to co-workers and senior leadership
• Certification Requirement, one or more of the following:
    • Electronic Commerce Council Certified Ethical Hacker (ECC)
    • GIAC Systems and Network Auditor (GSNA)
    • ISC2 Certified Authorization Professional (CAP)
    • ISC2 Certified Information System Security Professional (CISSP)
    • ISACA Certified Information System Auditor (CISA)
    • Certificate of Cloud Security Knowledge (CCSK)
 
Preferred Qualifications:
• 4+ years of experience with certification and accreditation (C&A) or A&A preferred
• 4+ years of experience as a security control assessor or validator preferred
 
Essential Functions:
Physical Requirements:
Most work will be done at a desk or computer.
 
Work Environment:
General Office environment. The work environment is fast-paced and sometimes involves extreme deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers.
 
Equipment & Machines:
General office equipment including PC/laptop, Fax, Copiers, Shredder, Printers, Telephone, and other miscellaneous office equipment.
 
Attendance:
Attendance is critical at all times. Must be able to work a 40-hour workweek, normally Monday through Friday.  However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.
 
Other Essential Functions:
Must be able to communicate effectively both verbally and in writing.
Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.
Must be able to interface with individuals at all levels of the organization both verbally and in writing. Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously. Must work well under pressure to meet deadline requirements. Must be willing to travel as needed. Must take and pass a drug test and background check as well as a motor vehicle records check.
 
 Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Learn more about your rights under Federal EEO laws and supplemental language. 

Primary Location: United States-Virginia-Reston-20351-VARE
Travel: No
Job Posting: Jul 8, 2020, 5:56:10 PM
Job: Information Technology
Organization: CMS
Job Type: Experienced
Job Classification: Full-Time Regular
Work Locations: 20351-VARE, 11091 Sunset Hills Road Suite 777, Reston 20190
Capabilities: Cyber Security