Astrion
Overview
CLEARANCE:
Secret Astrion has an exciting opportunity for a Cyber Risk Management Analyst to join our team with the option to work either in our office in Washington, DC or remotely. The role supports the Program Executive Office Integrated Warfare Systems Above Water Sensors Directorate's (PEO IWS 2.0) Information Systems Security Manager (ISSM). Location:
Washington, DC / Remote Job Status:
Full Time Hybrid or remote work is allowed with limitations. Regular access to SIPR is required at SPA’s 20 M Street office in Washington, DC; regular access elsewhere is acceptable in rare circumstances. Responsibilities
You will provide direct support to the U.S. Navy’s PEO IWS 2.0 Information Systems Security Manager. You will be responsible for the Authorization and Assessment (A&A) review process for over 30 new and existing above-water sensor and laser systems, ensuring RMF cybersecurity requirements are satisfied in accordance with applicable DoD, NIST, DON, and NAVSEA instructions. You will provide Navy RMF cybersecurity support by performing full package reviews of RMF process steps, as defined in the Navy RMF Process Guide and Business Rules. You will conduct in-depth reviews of authorization packages and artifacts within eMASS, reviewing, analyzing, and reporting on current authorization statuses for all systems within PEO IWS 2.0’s portfolio and review Security Assessment Plans, System-Level Continuous Monitoring Plans, Implementation Plans, Security Control Tailoring Plans, Plans of Actions and Milestones, and Security Assessment Reports. You will advise the ISSM and other program stakeholders regarding A&A cybersecurity matters, including change control, IAVM, EXORDs, FRAGOs, and DoD/DoN policy. You must have the ability to work independently and produce high-quality work with minimal oversight. Required Qualifications / Skills
Experience with Department of Navy (DON) Risk Management Framework (RMF) Experience with Enterprise Mission Assurance Support Service (eMASS) Minimum 3 years of demonstrated expertise evaluating cyber compliance against RMF policies, including experience conducting assessments using ACAS, STIGs, and SRGs Proficiency with MS Office suite, including Visio DoD Cybersecurity Workforce (CSWF) IAT II certification (e.g., Security+ CE) Desired Qualifications / Skills
Current Navy Flankspeed access, SIPR token, and CAC strongly desired Bachelor’s degree Fully Qualified Navy Validator (FQNV) Level II or above DoD 8570 Information Assurance Management (IAM) III or IAT III Certification Knowledge of Navy IT sites, systems, and infrastructure, including Assess Only and PIT Knowledge of applicable Navy systems, networks, and IT infrastructure Experience working in a DoD acquisition program office environment
#J-18808-Ljbffr
CLEARANCE:
Secret Astrion has an exciting opportunity for a Cyber Risk Management Analyst to join our team with the option to work either in our office in Washington, DC or remotely. The role supports the Program Executive Office Integrated Warfare Systems Above Water Sensors Directorate's (PEO IWS 2.0) Information Systems Security Manager (ISSM). Location:
Washington, DC / Remote Job Status:
Full Time Hybrid or remote work is allowed with limitations. Regular access to SIPR is required at SPA’s 20 M Street office in Washington, DC; regular access elsewhere is acceptable in rare circumstances. Responsibilities
You will provide direct support to the U.S. Navy’s PEO IWS 2.0 Information Systems Security Manager. You will be responsible for the Authorization and Assessment (A&A) review process for over 30 new and existing above-water sensor and laser systems, ensuring RMF cybersecurity requirements are satisfied in accordance with applicable DoD, NIST, DON, and NAVSEA instructions. You will provide Navy RMF cybersecurity support by performing full package reviews of RMF process steps, as defined in the Navy RMF Process Guide and Business Rules. You will conduct in-depth reviews of authorization packages and artifacts within eMASS, reviewing, analyzing, and reporting on current authorization statuses for all systems within PEO IWS 2.0’s portfolio and review Security Assessment Plans, System-Level Continuous Monitoring Plans, Implementation Plans, Security Control Tailoring Plans, Plans of Actions and Milestones, and Security Assessment Reports. You will advise the ISSM and other program stakeholders regarding A&A cybersecurity matters, including change control, IAVM, EXORDs, FRAGOs, and DoD/DoN policy. You must have the ability to work independently and produce high-quality work with minimal oversight. Required Qualifications / Skills
Experience with Department of Navy (DON) Risk Management Framework (RMF) Experience with Enterprise Mission Assurance Support Service (eMASS) Minimum 3 years of demonstrated expertise evaluating cyber compliance against RMF policies, including experience conducting assessments using ACAS, STIGs, and SRGs Proficiency with MS Office suite, including Visio DoD Cybersecurity Workforce (CSWF) IAT II certification (e.g., Security+ CE) Desired Qualifications / Skills
Current Navy Flankspeed access, SIPR token, and CAC strongly desired Bachelor’s degree Fully Qualified Navy Validator (FQNV) Level II or above DoD 8570 Information Assurance Management (IAM) III or IAT III Certification Knowledge of Navy IT sites, systems, and infrastructure, including Assess Only and PIT Knowledge of applicable Navy systems, networks, and IT infrastructure Experience working in a DoD acquisition program office environment
#J-18808-Ljbffr