Experience Inc. Jobs

RMF Engineer

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: Secret

Employee Type: Regular

Percentage of Travel Required: Up to 10%

Type of Travel: Continental US

The Opportunity:

CACI is seeking a cleared Risk Management Framework (RMF) Engineer to support Army C5ISR Cyber Security Division at Aberdeen Proving Ground, Maryland. The ideal candidate will possess a deep understanding of cybersecurity principles, RMF processes, and RMF documentation. This position will be a part of a System Engineering / Cybersecurity team, bringing RMF insight, guidance and support in accordance with the requirements set forth of the program office. You will support and coordinate workflow, activity and documentation necessary to achieve successful RMF Authorization/Approvals for the specified DoD systems.

Responsibilities:

• Provide RMF support, often in a leadership capacity.

• Provide SME knowledge of Army, DoD, and NIST Security Controls and Control Implementation methodologies for the Assessment and Authorization (A&A) process.

• Develop and maintain System Security Plan, Plans of Action and Milestones and related documentation.

• Verify system(s) have met the threshold for approval such as:

• CCIs

• SCA-V results

• POA&Ms

• STIGs / Scans

• Other RMF documentation

• Identify and incorporate common artifacts found in an RMF authorization package, e.g., system architecture and boundaries, hardware and software inventories, risk assessment reports, POA&Ms, data flows, PPSM accounting, and other necessary system, network, and application documentation.Coordinate with appropriate personnel to update the Army Portfolio Management System (APMS) entry for the systems supported as needed.

• Verify relevant and necessary artifacts are populated in the eMASS system.

• Knowledge and experience identifying, assessing, and documenting compliance against applicable DoD security controls (technical, management, operational), Army regulations, etc., within the RMF package.

• Familiarity with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus, Evaluate-STIG, Stig Viewer, etc.) necessary to identify and document compliance.The focus is to ensure provided scans are complete (all assets in the boundary covered as well as the completeness of a credentialed scan with all necessary plugins).Additionally, the applicant should be well versed in addressing STIG applicability to ensure all necessary STIG/SRG requirements are addressed for the system.

• Ensure appropriate U.S. Army NETCOM and any applicable command level guidance is followed for appropriate execution.

• Work with System Engineering, Test & Evaluation, and IMS scheduler to define critical path items to successfully complete and maintain the package.

Qualifications:

Required:

• An active DoD Secret clearance and obtain TS/SCI;

• 5-10 years ARMY RMF experience (SSP and A&A process);

• Familiar with NIST PUBs, DoD and Army RMF TTPs;

• Strong verbal and written communications and interpersonal skills;

• Ability to work in a team focused, dynamic environment and lead other members (specifically system administrators) in achieving and maintaining an authorized system.

• Must be flexible, independent, and self-motivated.

• Completed eMASS training.

• Have the training, certification, and/or experience to perform Information System Security Manager (722) intermediate or advanced duties. Meaning ate least one of the following: 1) Associate degree or higher from an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field for intermediate, or a Bachelor or higher degree from a similarly accredited school for advanced; 2) Training from the offerings listed in DoD 8140 Training Repository, or 3) CAP or CASP+ or CCISO or CCSP or CISM or CISSP or Cloud+ or SSCP for intermediate or CISSP-ISSMP or GSLC for advanced.

Desired:

• 2+ Years of RMF experience for Army collateral systems highly desired.

• Familiar with implementing Army Regulations, Pamphlets, and Army NETCOM RMF TTPs.

• Completed ACAS training.

• Bachelor’s degree or higher from an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field is highly desired

• One of: CASP+, CCISO, CISM, CISSP, SSCP, ISSAP, ISSEP. ISSMP, GSNA, or GSLC highly desired.

• Additionally have the training, certification, and/or experience to perform either Security Control Assessor (612), Authorizing Official or AO Designated Representative (AODR) (611), Security Architect (652) intermediate or advanced duties.

-

What You Can Expect:

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

An environment of trust.

CACI takes pride in fostering a diverse and accessible culture where every individual feels supported to chart their own path. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

Your potential is limitless. So is ours.

Learn more about CACI here. (https://careers.caci.com/global/en/life-at-caci)

Pay Range : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (https://careers.caci.com/global/en/employee-benefits) .

The proposed salary range for this position is:

$90,300 - 189,600 USD

CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.