Chenega MIOS SBU
Senior RMF Specialist/Information System Security Manager (ISSM)
Chenega MIOS SBU, Huntsville, Alabama, United States, 35824
Senior RMF Specialist/Information System Security Manager (ISSM)
Join to apply for the Senior RMF Specialist/Information System Security Manager (ISSM) role at Chenega MIOS SBU. Chronos Operations (CO) is a wholly-owned subsidiary of Chenega Corporation, based in Anchorage, AK. Chronos is part of the Military, Intelligence, and Operations Support (MIOS) Strategic Business Unit (SBU). Chronos has a culture rooted in integrity, respect, and exceptional performance, and provides mission-critical services in Advanced Analytics & AI, Software Engineering, Cybersecurity, Information Technology, and Intelligence. The Senior RMF Specialist/Information System Security Manager (ISSM) will lead RMF activities, develop and maintain security documentation, coordinate with AOs/AODRs, and ensure compliance with cybersecurity regulations. Responsibilities
Develop and maintain Risk Management Framework (RMF) documentation and reports to achieve and maintain compliance with cybersecurity regulations, optimize current processes to streamline the approval process with the Program Information Security System Manager (P-ISSM), Authorizing Official (AO), and Authorizing Official Designated Representatives (AODR) across the AMC Enterprise Mission Assurance Support System (eMASS) Portfolio for HQ and Enterprise records. Work in all RMF steps with system owners, ISSO and ISSMs, and validate that adequate security controls are in place to enable sound risk management decisions by the AO. Coordinate with the Government in obtaining security authorization for updated systems and emerging requirements. Develop, implement, and maintain security policies, procedures, and documentation to ensure compliance with DoD security standards and regulations (e.g., NIST, RMF, FISMA). Achieve and maintain compliance with cybersecurity regulations and optimize current processes to streamline the approval process. Support developing a Privacy Program Plan to streamline privacy risk assessments around system vulnerabilities, threat assessments, and operational mission impacts. Support development of the command cybersecurity program to include reviews of external policies, guidance, SOPs, and regulations from DoD, DoA, NIST, etc. Develop internal plans, policies, and SOPs to execute the command program with a policy development process. Provide Communication Security governance and compliance reporting based on orders and directives from higher headquarters to maintain security of encapsulation and encryption devices; develop a knowledge management plan to capture data and provide business intelligence and data analysis related to all functions. Provide exercise support to validate the security of systems accredited by the AO and/or Privacy Official. Develop additional technical and managerial cybersecurity training plans, guides, and materials to enable workforce knowledge and compliance. Interact with clients and interface with senior management and Government. Coordinate with cross-functional teams (engineering, IT, operations) to implement and enforce security protocols and best practices. Ensure the accreditation process for DoD systems (e.g., RMF accreditation) is completed and maintained in compliance with applicable requirements. Act as the primary point of contact for security-related issues, coordinating incident response and reporting to senior management and government customers. Stay current with emerging cybersecurity threats, vulnerabilities, and trends to ensure the program adapts to evolving security challenges. May supervise others. Other duties as assigned. Qualifications
Associates Degree or Bachelor's Degree in Computer Science, Engineering, Cyber Security or equivalent experience in lieu of degree. 8+ years of experience applying RMF to complex IT systems, specifically within a DoD environment. 8+ years of overall cybersecurity experience, with at least 5 years in a leadership or management role. Experience with eMASS. Experience with system security engineering, risk management, and vulnerability assessments. Active certifications such as CISSP, CISM, or equivalent DoD 8540.02 compliance required. Must have active Top Secret with SCI eligibility. Knowledge, Skills And Abilities
In-depth knowledge of DoD cybersecurity policies, frameworks, and compliance standards (e.g., NIST 800-53, RMF, FISMA, ICD 503). Strong understanding of network security, security controls, and common cybersecurity tools (e.g., firewalls, IDS/IPS, SIEM, endpoint protection). Familiarity with cloud security practices, particularly in hybrid or government cloud environments. Effective communication skills for information exchange across functional disciplines and strong briefing skills with senior customers and leadership. Proven leadership skills, including team collaboration, listening to concerns, and reconciling issues. Ability to solicit and process complex information to solve problems and make sound decisions. Analytical and organized with excellent verbal and written abilities. Strong work ethic and eagerness to learn. Time management skills to meet deadlines. Ability to work independently and as part of a team; ability to travel up to 10%. Growth and Benefits
Chenega MIOS focuses on professional development at every career level, offering on-the-job learning, formal development programs, and opportunities to grow within a fast-changing global business. Additional Information
Chenega MIOS is part of Chronos Operations (CO). Learn more about Chenega MIOS and Chronos, including culture, corporate citizenship, and social impact through the companys news and social links. #J-18808-Ljbffr
Join to apply for the Senior RMF Specialist/Information System Security Manager (ISSM) role at Chenega MIOS SBU. Chronos Operations (CO) is a wholly-owned subsidiary of Chenega Corporation, based in Anchorage, AK. Chronos is part of the Military, Intelligence, and Operations Support (MIOS) Strategic Business Unit (SBU). Chronos has a culture rooted in integrity, respect, and exceptional performance, and provides mission-critical services in Advanced Analytics & AI, Software Engineering, Cybersecurity, Information Technology, and Intelligence. The Senior RMF Specialist/Information System Security Manager (ISSM) will lead RMF activities, develop and maintain security documentation, coordinate with AOs/AODRs, and ensure compliance with cybersecurity regulations. Responsibilities
Develop and maintain Risk Management Framework (RMF) documentation and reports to achieve and maintain compliance with cybersecurity regulations, optimize current processes to streamline the approval process with the Program Information Security System Manager (P-ISSM), Authorizing Official (AO), and Authorizing Official Designated Representatives (AODR) across the AMC Enterprise Mission Assurance Support System (eMASS) Portfolio for HQ and Enterprise records. Work in all RMF steps with system owners, ISSO and ISSMs, and validate that adequate security controls are in place to enable sound risk management decisions by the AO. Coordinate with the Government in obtaining security authorization for updated systems and emerging requirements. Develop, implement, and maintain security policies, procedures, and documentation to ensure compliance with DoD security standards and regulations (e.g., NIST, RMF, FISMA). Achieve and maintain compliance with cybersecurity regulations and optimize current processes to streamline the approval process. Support developing a Privacy Program Plan to streamline privacy risk assessments around system vulnerabilities, threat assessments, and operational mission impacts. Support development of the command cybersecurity program to include reviews of external policies, guidance, SOPs, and regulations from DoD, DoA, NIST, etc. Develop internal plans, policies, and SOPs to execute the command program with a policy development process. Provide Communication Security governance and compliance reporting based on orders and directives from higher headquarters to maintain security of encapsulation and encryption devices; develop a knowledge management plan to capture data and provide business intelligence and data analysis related to all functions. Provide exercise support to validate the security of systems accredited by the AO and/or Privacy Official. Develop additional technical and managerial cybersecurity training plans, guides, and materials to enable workforce knowledge and compliance. Interact with clients and interface with senior management and Government. Coordinate with cross-functional teams (engineering, IT, operations) to implement and enforce security protocols and best practices. Ensure the accreditation process for DoD systems (e.g., RMF accreditation) is completed and maintained in compliance with applicable requirements. Act as the primary point of contact for security-related issues, coordinating incident response and reporting to senior management and government customers. Stay current with emerging cybersecurity threats, vulnerabilities, and trends to ensure the program adapts to evolving security challenges. May supervise others. Other duties as assigned. Qualifications
Associates Degree or Bachelor's Degree in Computer Science, Engineering, Cyber Security or equivalent experience in lieu of degree. 8+ years of experience applying RMF to complex IT systems, specifically within a DoD environment. 8+ years of overall cybersecurity experience, with at least 5 years in a leadership or management role. Experience with eMASS. Experience with system security engineering, risk management, and vulnerability assessments. Active certifications such as CISSP, CISM, or equivalent DoD 8540.02 compliance required. Must have active Top Secret with SCI eligibility. Knowledge, Skills And Abilities
In-depth knowledge of DoD cybersecurity policies, frameworks, and compliance standards (e.g., NIST 800-53, RMF, FISMA, ICD 503). Strong understanding of network security, security controls, and common cybersecurity tools (e.g., firewalls, IDS/IPS, SIEM, endpoint protection). Familiarity with cloud security practices, particularly in hybrid or government cloud environments. Effective communication skills for information exchange across functional disciplines and strong briefing skills with senior customers and leadership. Proven leadership skills, including team collaboration, listening to concerns, and reconciling issues. Ability to solicit and process complex information to solve problems and make sound decisions. Analytical and organized with excellent verbal and written abilities. Strong work ethic and eagerness to learn. Time management skills to meet deadlines. Ability to work independently and as part of a team; ability to travel up to 10%. Growth and Benefits
Chenega MIOS focuses on professional development at every career level, offering on-the-job learning, formal development programs, and opportunities to grow within a fast-changing global business. Additional Information
Chenega MIOS is part of Chronos Operations (CO). Learn more about Chenega MIOS and Chronos, including culture, corporate citizenship, and social impact through the companys news and social links. #J-18808-Ljbffr