IMRI Technology & Engineering Solutions
RMF Assessment and Authorization/ISSO
IMRI Technology & Engineering Solutions, Washington, District of Columbia, us, 20022
POSITION SUMMARY:
We are seeking a highly skilled and experienced
Risk Management Framework (RMF) Assessment and Authorization/Information System Security Officer (ISSO)
to join our team. The ideal candidate will have a minimum of five years of overall IT or cybersecurity experience, including at least three years of working knowledge in
Government Community Cloud High (GCC-H) environments/GCC.
This role involves ensuring compliance with federal security standards, managing system security controls, and supporting the assessment and authorization process. The RMF Assessment and Authorization/ISSO will play a critical role in safeguarding digital assets and ensuring the security of vital electronic infrastructure.
ROLE AND RESPONSIBILITIES: Security Planning and Implementation:
Planning, implementing, upgrading, or monitoring security measures to protect computer networks and information. Ensuring appropriate security controls are in place to safeguard digital files and vital electronic infrastructure.
Risk Assessment and Mitigation:
Assessing system vulnerabilities for security risks and proposing and implementing risk mitigation strategies. Providing recommendations to address identified risks and improve overall security posture.
Incident Response:
Responding to computer security breaches, viruses, and other security incidents. Investigating and analyzing security events to determine root causes and implement corrective actions.
Compliance and Reporting:
Tracking, reporting, and providing year-round recommendations on
Plan of Action & Milestones (POA&Ms). Maintaining Federal Information Security Modernization Act ( FISMA ) inventory records using the Xacta360 app/tool.
RMF Assessment and Authorization:
Supporting the RMF process, including system categorization, control selection, implementation, assessment, and continuous monitoring. Preparing and maintaining security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Risk Assessment Reports (RARs).
Continuous Monitoring and Improvement:
Monitoring security systems and tools to ensure compliance with federal security standards. Driving continuous improvement in security processes and tools to enhance efficiency and effectiveness.
REQUIRED QUALIFICATIONS: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent work experience may be considered in lieu of a degree. Minimum of five (5) years of overall IT or cybersecurity experience At least three (3) years of hands-on experience in Government Community Cloud High (GCC-H)/GCC environments. Knowledge, skills, and abilities to operate, maintain, and upgrade two or more of the following tools: Microsoft Sentinel, Microsoft Azure, Microsoft DfE, Xacta 360/IO, Zscaler, FedRamp, Cloudflare, NetWitness, Tenable IO, Nexpose, Armis, Trellix HX/CM, and ServiceNow. Strong analytical, problem-solving, and communication skills. Ability to pass a Public Trust background check prior to onboarding.
IMRI offers top-tier benefits that include: medical coverage through nationally recognized carriers, ancillary coverages, paid vacation and sick leave in compliance with all state and local laws, 401(k) with company match, company paid life insurance and LTD, and several additional voluntary coverages.
Pay will be commensurate with the experience, skills, and qualifications that the candidate brings to the position.
EQUAL EMPLOYMENT OPPORTUNITY
EEO/Affirmative Action Statement and Non-Discrimination Policy IMRI is an Equal Employment Opportunity employer committed to maintaining a non-discriminatory, diverse work environment. In accordance with Title VII of the Civil Rights Act of 1964, Section 503 of the Rehabilitation Act of 1973, Vietnam Era Veteran's Readjustment Assistance Act of 1974 (VEVRAA), Americans with Disabilities) (ADA), and other federal, state, and local anti-discrimination laws, IMRI does not unlawfully discriminate against any person on the basis of race, color, religion, sex, national origin, ancestry, genetic information, age, marital status, sexual orientation, physical or mental disability, or status as a special disabled veteran or other veteran. IMRI will take affirmative action to assure equal opportunity for employment is provided with regard to all personnel actions. This is including but not limited to: recruitment, selection, compensation, benefits, training, promotion, demotion, layoff, termination and all other terms and conditions of employment.
We are seeking a highly skilled and experienced
Risk Management Framework (RMF) Assessment and Authorization/Information System Security Officer (ISSO)
to join our team. The ideal candidate will have a minimum of five years of overall IT or cybersecurity experience, including at least three years of working knowledge in
Government Community Cloud High (GCC-H) environments/GCC.
This role involves ensuring compliance with federal security standards, managing system security controls, and supporting the assessment and authorization process. The RMF Assessment and Authorization/ISSO will play a critical role in safeguarding digital assets and ensuring the security of vital electronic infrastructure.
ROLE AND RESPONSIBILITIES: Security Planning and Implementation:
Planning, implementing, upgrading, or monitoring security measures to protect computer networks and information. Ensuring appropriate security controls are in place to safeguard digital files and vital electronic infrastructure.
Risk Assessment and Mitigation:
Assessing system vulnerabilities for security risks and proposing and implementing risk mitigation strategies. Providing recommendations to address identified risks and improve overall security posture.
Incident Response:
Responding to computer security breaches, viruses, and other security incidents. Investigating and analyzing security events to determine root causes and implement corrective actions.
Compliance and Reporting:
Tracking, reporting, and providing year-round recommendations on
Plan of Action & Milestones (POA&Ms). Maintaining Federal Information Security Modernization Act ( FISMA ) inventory records using the Xacta360 app/tool.
RMF Assessment and Authorization:
Supporting the RMF process, including system categorization, control selection, implementation, assessment, and continuous monitoring. Preparing and maintaining security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Risk Assessment Reports (RARs).
Continuous Monitoring and Improvement:
Monitoring security systems and tools to ensure compliance with federal security standards. Driving continuous improvement in security processes and tools to enhance efficiency and effectiveness.
REQUIRED QUALIFICATIONS: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent work experience may be considered in lieu of a degree. Minimum of five (5) years of overall IT or cybersecurity experience At least three (3) years of hands-on experience in Government Community Cloud High (GCC-H)/GCC environments. Knowledge, skills, and abilities to operate, maintain, and upgrade two or more of the following tools: Microsoft Sentinel, Microsoft Azure, Microsoft DfE, Xacta 360/IO, Zscaler, FedRamp, Cloudflare, NetWitness, Tenable IO, Nexpose, Armis, Trellix HX/CM, and ServiceNow. Strong analytical, problem-solving, and communication skills. Ability to pass a Public Trust background check prior to onboarding.
IMRI offers top-tier benefits that include: medical coverage through nationally recognized carriers, ancillary coverages, paid vacation and sick leave in compliance with all state and local laws, 401(k) with company match, company paid life insurance and LTD, and several additional voluntary coverages.
Pay will be commensurate with the experience, skills, and qualifications that the candidate brings to the position.
EQUAL EMPLOYMENT OPPORTUNITY
EEO/Affirmative Action Statement and Non-Discrimination Policy IMRI is an Equal Employment Opportunity employer committed to maintaining a non-discriminatory, diverse work environment. In accordance with Title VII of the Civil Rights Act of 1964, Section 503 of the Rehabilitation Act of 1973, Vietnam Era Veteran's Readjustment Assistance Act of 1974 (VEVRAA), Americans with Disabilities) (ADA), and other federal, state, and local anti-discrimination laws, IMRI does not unlawfully discriminate against any person on the basis of race, color, religion, sex, national origin, ancestry, genetic information, age, marital status, sexual orientation, physical or mental disability, or status as a special disabled veteran or other veteran. IMRI will take affirmative action to assure equal opportunity for employment is provided with regard to all personnel actions. This is including but not limited to: recruitment, selection, compensation, benefits, training, promotion, demotion, layoff, termination and all other terms and conditions of employment.