Job Details
Ncompass, LLC, a Service-Disabled Veteran Owned Small Business (SDVOSB) employing Subject Matter Experts (SMEs) who specialize in the assessment and management of system risk using the National Institute of Standards and Technology (NIST) and Risk Management Framework (RMF) for On-Prem and Cloud-Based systems, is seeking an experienced Information System Security Engineer (ISSE) with experience performing Risk Management Framework responsibilities for the federal government.
Locations: Primary: Ft. Belvoir, VA. Secondary: Ft. Meade, MD
Terms: Full-time
Travel: N/A
Remote/Hybrid/Onsite: Onsite
*** Must have a minimum of a Top-Secret security clearance ***
Summary:
Ncompass, LLC is seeking a Cybersecurity Professional with experience performing Risk Management Framework (RMF) responsibilities for the federal government. The candidate will participate in, and manage the activities leading to an information system s Authorization to Operate (ATO). The candidate will have extensive hands-on knowledge of Cybersecurity Management tools such as XACTA and eMASS as well as Enterprise Vulnerability Scanning tools such as ACAS. The candidate will have the ability to perform manual STIG checks and run SCAP compliance scans. The candidate will have a strong background in FedRAMP, Cloud Hosted systems, RMF and the NIST Series 800 Special Publications.
Responsibilities:
- Maintain ATO packages in eMASS and XACTA.
- Develop and update the information system security documentation artifacts.
- Create and manage Plan of Action and Milestones (POA&M)
- Conduct hands-on security testing (STIGs), and analysis of vulnerability scans (ACAS).
- Update and provide briefings and presentations to clients as needed.
- Provide overall security recommendations
Requirements:
- Must be 8570 compliant: Security+ Required.
- 5+ years experience in the field of information security
- Extensive knowledge of RMF
- Able to demonstrate proficiency with Linux Command Line Interface (CLI)
- Able to demonstrate proficiency in security tools such ACAS, eMASS and XACTA.
- Able to demonstrate proficiency with DISA STIGs and SRGs
- Understanding of the NIST Supplemental guidance for ongoing Authorization processes
- Strong working knowledge of Cloud-Based Systems such as AWS GovCloud or Microsoft Azure
- Strong working knowledge of networking and general information technology.
EEO STATEMENT:
Ncompass, LLC is an Equal Employment Opportunity employer committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or any other applicable legally protected characteristics.