Powder River Industries LLC
Security Engineer (RMF)
Powder River Industries LLC, Alexandria, Virginia, us, 22350
The RMF Security Engineer will be responsible for creating and maintaining RMF artifacts and shall implement security controls, patch vulnerabilities on network devices, and resolve system security engineering concerns to ensure cyber compliance and readiness. Working knowledge of DevSecOps functionality a plus.
Requirements
Thorough understanding of the Risk Management Framework (RMF) Assessment and Authorization (A&A) process within the federal government, including knowledge of all phases of the RMF lifecycle.Proven experience in assisting client risk management tasks, such as managing POA&M, conducting Security Tests and Evaluations (ST&E), creating system documentation, performing authorizations, carrying out risk assessments, handling third-party audits, ensuring compliance with NIST 800-53 standards, and performing threat assessments according to the RMF lifecycle and processes.Demonstrated proficiency to plan and monitor security control implementation for the protection of networks, enclaves, and information systems.Strong communication abilities, including working closely with highly technical administrators to enhance overall security measures.Ability to generate and interpret ACAS reports to identify system vulnerabilities and monitor remediation efforts or mitigation strategies.Working knowledge and experience implementing and evaluating manual Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), and SCAP Compliance Checker (SCC). Ability to generate and interpret Red Hat Advanced Cluster Security for Kubernetes (StackRox) reports.Working knowledge of common assessment & authorization (A&A) application platforms e.g. eMASS, CSAM, Xacta, etc.Previous experience in a technical role such as a system or network administrator is a plus.Desired Skills
Business WritingCommunications PlanningCompTIA Security+Cyber Risk / CybersecurityCloud SecurityEnterprise Mission Assurance Support Service (eMASS)Information Security Engineering / IT SecurityRisk Management Frameworks (RMF)Authority to Operate (ATO)NIST 800-53Plan Of Action And Milestones (POA&M)Security EngineeringSecurity OperationsSecurity Technical Implement Guides (STIGs)System Security Plan (SSP)DevSecOps / Containerized CI/CD Pipeline Security PracticesNon-Negotiable Requirements:
REQUIRED EDUCATION AND EXPERIENCE:
Minimum 5+ years of operational experience in RMF / security engineering.Must be located in DC Metro areaREQUIRED CLEARANCE:
Top Secret clearanceREQUIRED CERTIFICATIONS:
Position requires 8570 IAT II certification (e.g. Security+, CISSP)
Technical Environment:
Windows 10 or Windows 11 operating systems; Microsoft 365 Office suite of applications Oracle, UNIX/Linux, test scripts
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
Salary Description
62.00
Requirements
Thorough understanding of the Risk Management Framework (RMF) Assessment and Authorization (A&A) process within the federal government, including knowledge of all phases of the RMF lifecycle.Proven experience in assisting client risk management tasks, such as managing POA&M, conducting Security Tests and Evaluations (ST&E), creating system documentation, performing authorizations, carrying out risk assessments, handling third-party audits, ensuring compliance with NIST 800-53 standards, and performing threat assessments according to the RMF lifecycle and processes.Demonstrated proficiency to plan and monitor security control implementation for the protection of networks, enclaves, and information systems.Strong communication abilities, including working closely with highly technical administrators to enhance overall security measures.Ability to generate and interpret ACAS reports to identify system vulnerabilities and monitor remediation efforts or mitigation strategies.Working knowledge and experience implementing and evaluating manual Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), and SCAP Compliance Checker (SCC). Ability to generate and interpret Red Hat Advanced Cluster Security for Kubernetes (StackRox) reports.Working knowledge of common assessment & authorization (A&A) application platforms e.g. eMASS, CSAM, Xacta, etc.Previous experience in a technical role such as a system or network administrator is a plus.Desired Skills
Business WritingCommunications PlanningCompTIA Security+Cyber Risk / CybersecurityCloud SecurityEnterprise Mission Assurance Support Service (eMASS)Information Security Engineering / IT SecurityRisk Management Frameworks (RMF)Authority to Operate (ATO)NIST 800-53Plan Of Action And Milestones (POA&M)Security EngineeringSecurity OperationsSecurity Technical Implement Guides (STIGs)System Security Plan (SSP)DevSecOps / Containerized CI/CD Pipeline Security PracticesNon-Negotiable Requirements:
REQUIRED EDUCATION AND EXPERIENCE:
Minimum 5+ years of operational experience in RMF / security engineering.Must be located in DC Metro areaREQUIRED CLEARANCE:
Top Secret clearanceREQUIRED CERTIFICATIONS:
Position requires 8570 IAT II certification (e.g. Security+, CISSP)
Technical Environment:
Windows 10 or Windows 11 operating systems; Microsoft 365 Office suite of applications Oracle, UNIX/Linux, test scripts
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
Salary Description
62.00