Greystones Group
Greystones Group is a fast-growing woman-owned small business supporting the Warfighter with best-in-class artificial intelligence and big data analytics capabilities. Our capabilities include mission planning, operational support, leader development and education, cybersecurity, electronic warfare, and information technology solutions.
We are looking for dedicated and motivated candidates that can grow with the company. At Greystones, we recognize that everyone brings their own important skill sets and unique talents to create a highly competent team to deliver quality solutions. We ensure that each member’s needs are addressed effectively, and our employees are not just a number. We offer a close-knit community that ensures your growth and development in a setting that provides world class support to our customers.
Greystones Group has an opportunity for a Quality Compliance Specialist to support a Navy customer in the Washington D.C. area. This project is in support of process improvements to IT support tools. This candidate will be responsible for ensuring compliance with applicable cybersecurity, Risk Management Framework, and system engineering standards, processes, and policies. This position will be located in the Washington D.C. area; however, if the candidate’s unique skills and experience would result in considerable value added to the customer, the position can be performed at remote locations and/or telework.
Benefits
- 401(k)
- 401(k) matching
- Dental insurance
- Flexible schedule
- Flexible spending account
- Health insurance
- Life insurance
- Paid time off
- Referral program
- Retirement plan
- Vision insurance

Salary range starting at $80k

Responsibilities
- Serve as the primary point of contact for all matters related to system accreditation and ATO.
- Coordinate with system owners, system administrators, security personnel, and other stakeholders to gather information and support the ATO process.
- Liaise with the authorizing official (AO) or Designated Accreditation Authority (DAA) to address questions and concerns regarding the ATO package.
- Develop Plans of Action and Milestones (POA&Ms) to address identified security weaknesses and vulnerabilities. This includes defining specific remediation steps, assigning responsible parties, and establishing target completion dates.
- Prepare and submit complete and accurate ATO packages to the appropriate authorizing official (AO) or Designated Accreditation Authority (DAA) within the Navy. This requires meticulous attention to detail and adherence to submission guidelines.
- Utilize eMASS (Enterprise Mission Assurance Support Service) to manage the ATO process. This involves creating and updating system records, uploading documentation, and tracking progress through the RMF lifecycle.
- Ensure all package components meet the requirements for completeness, accuracy, and compliance with relevant standards.
- Conduct security risk assessments and vulnerability analyses in accordance with DoD Risk Management Framework (RMF) to identify potential threats and weaknesses in systems and applications.
- Recommend and implement security controls to mitigate identified risks, including technical, administrative, and physical safeguards, as defined in CNSSI 1253 and applicable Security Technical Implementation Guides (STIGs).
- Participate in the System Development Life Cycle (SDLC) to integrate security considerations into all phases of system development and deployment, ensuring compliance with DoD Instruction 5000.02.
- Develop and implement security policies, procedures, and standards to ensure consistent security practices across the organization, aligned with Navy and DoD regulations.
- Implement and manage security baselines for systems and applications, ensuring adherence to DoD STIGs, security requirements guides (SRGs), and other applicable security standards.
- Conduct security testing and evaluations to verify the effectiveness of security controls, including vulnerability scanning, penetration testing, and security audits.
- Investigate and respond to security incidents in accordance with established Navy incident response procedures, including containment, eradication, and recovery efforts.
- Collaborate with IT teams, system administrators, and other stakeholders to ensure security is integrated into all aspects of IT operations within the Navy environment.
- Communicate security risks and recommendations to stakeholders in a clear and concise manner, using appropriate communication channels.
- Stay abreast of the latest security threats, vulnerabilities, and technologies relevant to DoD and Navy systems.

Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related discipline plus 5 years of experience.
- 5+ years of experience in software engineering in a DoD/DoN environment.
- Experience working with Navy or DoD information systems and platforms.
- Familiarity with cybersecurity compliance tools.
- Experience with Navy systems hardening and compliance.
- Familiarity with Navy’s ATO process and related documentation requirements.
- Working knowledge of RMF (Risk Management Framework).
- Knowledge of configuration and change control processes.
- CompTIA certification.
- Active Secret clearance required.

Greystones Group is an Equal Opportunity Employer and abides by the requirements of 41 CFR §§ 60-1.4(a), 60-300.5(a), and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, national origin, genetic information, gender identity, or sexual orientation. If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access the Greystones career website due to your disability. You may request reasonable accommodations by contacting our Human Resources Department at 202-644-8998 option #2 or hr@greystonesgroup.com if you need assistance completing any forms or otherwise participating in the application process.