Bravura Inc.
Compliance Detection Lead
Bravura Inc., Frankfort, Kentucky, United States
Role : Compliance Detection Lead
Location : Fort Knox, KY
Education/Certifications : BA/BS or MA/MS; IAT Level II; Computing Environment Certification
Years of Experience : 5+
Clearance Level & Investigation : Secret
Job Description :
Qualifications:
Serves as Compliance Detection Lead. Must possess experience gathering data on information systems and device configurations, which is used for system identification, maintenance, cyber threat assessment and investigation, vulnerability detection, or system exploits.
Must have experience working with and understanding DISA information assurance vulnerability alert (IAVA) announcements of computer, application, software, or operating system vulnerabilities.
Performs Certification and Accreditation (C&A) or other IA/CND Compliance and Auditing processes and inspections for all enterprise systems and networks; ensures validity and accuracy review of all associated documentation.
Performs compliance reviews of computer security plans, performs risk assessments, and performs security test evaluations and audits.
Analyzes security requirements for information protection for enterprise systems and networks.
Assists in development of security policies.
Analyzes sensitivity of information and performs vulnerability and risk assessments on basis of defined sensitivity and information flow.
Must be professionally certified as Technical Level II as defined by DODI 8570.
Specific Responsibilities:
Coordinates and manages Risk Management Documents (RMDs) to include Plans of Action and Milestones (POA&Ms), Risk Acceptance (RAC), Memorandum for Records (MFRs), Operational Impact Statements (OIS), and Waivers for all assigned boundaries and application ATOs for approving signature and delivers to the assigned Government representative.
Reviews and validates compliance or non-compliance IAW CCI, STIGs and SRGs for each finding or vulnerability IAW RMF.
Conducts security control, Security Technical Implementation Guide (STIG), and all other Army directed compliance validation inspections in accordance with RMF procedures.