Title:Cybersecurity RMF A&A Analyst SME 4
KBR is seeking a Cyber Analyst/Engineer with Risk Management Framework (RMF) experience to perform Assessment and Authorization (A&A) analysis and conduct Independent Verification and Validation (IV&V) for Computer Network Defense (CND) systems, major applications, enclaves, and medical devices. This role will work collaboratively with Information Technology (IT) Engineers, System Administrators, Information Systems Security Managers (ISSM), and Security Controls Assessor Representatives (SCAR) to conduct cyber security analysis, assessment, mitigation, and remediation to ensure compliance with applicable Department of Defense (DoD) and Defense Health Agency (DHA) policies, procedures, and regulations.
This individual’s primary responsibility will be to track efforts and perform tasks related to A&A within DHA to ensure assigned DoD information systems, devices, and networks can obtain and maintain an Authorization to Operate (ATO) and other decisions. This individual will plan, coordinate, and lead teams to conduct assessments of information systems and networks to identify vulnerabilities, risks, and security requirements in accordance with the DHA A&A process. Secondary responsibilities include testing CCIs, validating Security Plans, recording weekly status updates, and extensive work in eMASS packages. This individual will be responsible for supporting DHA SCARs, the DHA Security Control Assessor (SCA), and other DHA Cyber Security leadership in the execution and enforcement of DHA’s Cyber Security and RMF Process.
- Experience with the development of RMF cyber security documentation
- Experience with DHA Cyber Security Directorate is a plus
- Demonstrated experience with RMF Steps 1-6
- Working knowledge of Enterprise Mission Assurance Support Service (eMASS)
- Knowledge of NIST SP 800-53 and 800-37, CNSSI 1254, and other DoD Risk Management policies
- Prior use of ACAS tool
- Experience performing Information Assurance (IA) controls analysis, testing, and risk assessments
- Ability to identify and evaluate major applications, infrastructure, enclaves, and Enterprise environments based on accreditation boundaries
- Knowledge of defense-in-depth and other information security and assurance principles and associated supporting technologies
- Familiarity with the use of vulnerability scanning and assessment tools necessary to identify and document compliance
- Ability to lead teams and regularly interact with senior level program personnel
- Capable of providing thoughtful feedback to the SCAR, SCA, and other DHA Cyber Security leadership to identify risks, communicate courses of action, and recommend process improvements
- Ability to manage multiple projects simultaneously
- Strong verbal and written communications and interpersonal skills
- A self-starter, needs little direction, ability to work in a dynamic project environment
- Bachelor’s degree and 7 years of technical experience or 15 years of technical experience in lieu of a degree. Specific contract requirements regarding education and experience will prevail.
- Active Secret Clearance
- Minimum of an IAT Level II certification is required
- IAT/IAM Level III certification is preferred
Travel required up to 25%, sometimes with little notice
Full-time, core hours, 40 hours per week, Monday-Friday
Salary range is $91,500 – $124,900
The offered rate will be based on the selected candidate’s knowledge, skills, abilities and/or experience and in consideration of internal parity.
KBR may offer bonuses, commissions, or other forms of compensation to certain job titles or levels, per internal policy or contractual designation. Additional compensation may be in the form of sign on bonus, relocation benefits, short term incentives, long term incentives, or discretionary payments for exceptional performance.
KBR offers a selection of competitive lifestyle benefits which could include a 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule. We support career advancement through professional training and development.
Please Click The Link For Application : https://kbr.wd5.myworkdayjobs.com/en-US/KBR_Careers/job/Charleston-South-Carolina/Cybersecurity-RMF-A-A-Analyst-SME-4_R2038974