KAIROS Inc
Vulnerability Management Lead, Information System Security Officer
KAIROS Inc, Lexington Park, Maryland, United States, 20653
KAIROS, Inc is searching for an energetic, experienced and highly motivated Information System Security Officer at the Journeyman level to join our team. This position will be onsite at Patuxent River Naval Air Station in Lexington Park, MD with teleworking opportunity.
Established in July 2013, KAIROS, Inc. is a growing Woman Owned Small Business (WOSB) providing full life cycle Cybersecurity, Program Management, Systems Engineering, and Training and Education services focused on optimizing customers’ program performance and mission through proven methodologies and ethical practices. Our headquarters is in California, MD near Naval Air Station Patuxent River. We offer competitive salaries and benefits with outstanding growth potential.
Overview
Vulnerability Management Lead, Information System Security Officer (ISSO) will support the Unmanned Carrier Aviation Program Office (PMA-268) at Patuxent River Naval Air Station in Lexington Park, MD. PMA-268 is responsible for the MQ-25 Stingray unmanned air system.
Primary Duties
Assess and validate PMA-268 RMF packages (Authorizations to Operate (ATOs) and Interim Authorizations to Test (IATTs)), to include but not limited to:
Coordinate development of the Security Assessment Plan (SAP) with Integrated Product Team (IPT) SSE and system ISSO
Submit SAP for approval
Execute the SAP
Provide a summary of failed controls in Enterprise Mission Assurance Support Service (eMASS) (Risk Assessment)
Complete the Security Assessment Report (SAR)
Provide POA&M update recommendations to the PMA/IPT based on assessment results
Ensure traceability of all vulnerabilities from raw assessment results to the POA&M
Support Continuous Monitoring (ConMon) activities (e.g., annual security reviews, system/changes/ Memorandums for the Record (MFRs))
Create consolidated list of mitigation statements for POA&Ms (unclassified) to assist ISSOs with established mitigation statements for common non-compliant security controls
Vulnerability Management Lead
Establish and execute a PMA-268 vulnerability management program, to include developing guidance for VRAM record creation and management.
Develop a PMA Vulnerability and Patch Management Policy
Coordinate development of System level Vulnerability and Patch Management Plans (VPMP)
NAVAIR Rapid Response Lead for PMA-268
Attend Rapid Response meetings
Coordinate consolidated PMA-268 responses to Orders received (i.e., EXORD, OPORD, TASKORD)
Monitor the NAVAIR Vulnerability Management Channel for notifications daily
Maintain the PMA-268 Cyber Directive Status tracker
Create and maintain a Cyber Directives tracker on SIPR summarizing the orders.
Manage PMA-268 Portfolio VRAM records
ISSO
Support PMA-268 Cyber Lead in execution of the PMA-268 Cybersecurity Program
Provide assistance and guidance to PMA-268 ISSOs
Update and sustain PMA-268 RMF Training Slides
Latest RMF guidance
RMF roles and responsibilities flow chart
Assist in the development of eMASS Common Control Packages (CCPs)
Develop RMF security control family templates
Develop PMA Incident Response Plan
Coordinate and provide oversight for all MOU/ISA efforts required in support of cyber authorizations or system use.
Skills and Qualifications
Strong customer relations, analytics, documentation skills
Self-starter, highly motivated, strong work ethic with a commitment to quality
Microsoft office suite proficiency, i.e., Word, Excel, PowerPoint
Ability to work within a challenging, fast-paced, team-oriented environment
Ability to work independently
Ability to multi-task and meet competing, deliverable deadlines
Detail oriented
Excellent interpersonal and customer service skills
Excellent verbal and written communication skills to provide clear status and/or communicate issues
Ability to adapt to evolving technology
Demonstrated experience in an area of engineering expertise is required.
Education and Experience
Bachelor’s degree in technical or scientific field from an accredited college or university.
Three (3) years of recent and relevant experience.
Clearance
This position is subject to a government security investigation and must meet eligibility requirements for access to classified information. In order to complete the requirements for government security clearance investigation you must be a U.S. Citizen and be able to complete the full background investigation. This position requires an Active Secret Security Clearance.
Compensation
While skills, education, and experience are key factors, they are not the sole determinants of salary. Other determining factors include but are not limited to location, contract budgets and requirements, and government labor category guidelines. The estimated salary range for this position is $100,000-$145,000. KAIROS also provides a comprehensive benefits package as additional employee compensation.
Benefits
Medical Coverage
Employer Paid Dental, Vision, Basic Life/AD&D, Short-Term/Long-Term Insurance
Health Savings Account with Contribution by Employer
401K Plan with Employer Matching
Annual Discretionary Bonuses
Paid Time Off
Eleven (11) Paid Holidays
Certification reimbursement program
Tuition Reimbursement Program
Paid Parental Leave
Employee Assistance Program (EAP)
Rewards and recognition programs
Community outreach events through our KAIROS Kares group
KAIROS, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, national origin, or any other characteristic protected by federal, state, or local laws.
To learn more about our organization be sure to check out our website, https://www.kairosinc.net/