Cybersecurity Policy and RMF Analyst

Job not on LinkedIn

September 30

Apply Now

Receive Emails with Similar Jobs

Concept Plus, LLC

WebsiteLinkedInAll Job Openings

Government • Cloud • AI

Concept Plus, LLC is a certified small, 8(a) disadvantaged business that specializes in providing information technology solutions and services to the federal government. The company focuses on cloud computing, data analytics, artificial intelligence, and the development and modernization of mission-critical enterprise systems. With services such as Oracle solutions, cloud solutions, digital services, and data analytics, Concept Plus maximizes client results by utilizing leading-edge technology solutions to enhance interoperability and promote evidence-based decision-making. The company's offerings are built on decades of experience in technology and government consulting and extend to commercial clients as well.

51 - 200 employees

🏛️ Government

📋 Description

• Adhere to the DoD cybersecurity policy requirements set forth in DoDI 8500.01, "Cybersecurity," and DoDI 8510.01, "Risk Management Framework (RMF) for DoD Information Technology (IT)" and their successors. • Monitor identified risks and track response actions to ensure they support the customer Risk Management Strategy and are properly documented in a risk registry. • Provide recommendations to business and IT leaders on best business practices followed in the industry to mitigate or remediate risks • Schedule, conduct, and track RMF validations for each IT Portfolio. • Review of security controls, as part of a risk assessment, as needed to support an Authorization to Operate (ATO) of an investment. • Review vulnerabilities and identify potential risks based on the type of vulnerability and the potential impact. • Identify actions needed to protect information flows to ensure adherence to legal and regulatory standards. • Coordinate the development of plans and procedures to ensure that business-critical services are recovered in the event of a digital risk event. • Facilitate and support the development of asset inventories, including digital assets in cloud. • Track all technology requests. • Track open vulnerabilities and provide a status on each open risk for each IT Portfolio / Investment. • Ensure POAMs are current and reflects all known weaknesses. • Stay up-to-date with the latest Azure and FedRAMP regulatory changes and industry trends, advising teams on potential impacts and necessary adjustments.

🎯 Requirements

• US Citizenship • Active DoD Secret Clearance (or able to obtain) • Bachelor’s Degree in an IT related field • Meet DoD 8570 Information Assurance Technician (IAT) Level II or Higher (Sec+ CE or Higher) • 3+ Years Experience with the Risk Management Framework Process • 3+ Years Experience operating the Enterprise Mission Assurance Support Service Application (eMASS)

🏖️ Benefits

• competitive pay • comprehensive health insurance • dental and vision insurance • paid life insurance • paid time off • 11 paid holidays • bonuses • tuition reimbursement • unlimited training • opportunity to work in a collaborative, flexible, innovative environment