Cybersecurity RMF Analyst

Job not on LinkedIn

🔥 15 hours ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of KBR, Inc.

KBR, Inc.

10,000+ employees

Founded 1901

🏛️ Government

Engineering • Government • Sustainability

KBR, Inc. is a global company that provides science, technology, and engineering solutions to governments and companies worldwide. Renowned for its commitment to sustainability, KBR delivers innovative and high-quality solutions in areas such as sustainable technology, government solutions, and digital acceleration. KBR is dedicated to creating a diverse and inclusive work environment, valuing its employees and fostering a culture of integrity and operational excellence. With a strong focus on delivering sustainable value for stakeholders, KBR operates as a trusted partner in various industries.

📋 Description

• Assess cybersecurity standards and practices of cloud-based systems against FedRAMP, DoW, and DHA requirements • Document cybersecurity posture in support of the RMF process • Facilitate movement of multiple information systems through the RMF process and maintain accreditations through continuous monitoring and annual reviews • Provide solutions to complex problems that require the regular use of expertise and creativity • Serve as Subject Matter Expert (SME) on one or more technologies/skills related to A&A activities and documentation • Participate in sessions aimed at identifying, planning, and executing strategies in response to emerging cybersecurity/RMF policies • Maintain awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes • Develop, update, and/or review RMF documentation to include IV&V results, Risk Assessment Reports, and POA&M development • Develop, update, and/or review cybersecurity documentation for the use of cloud native services such as those offered by Microsoft, Amazon, Oracle, and Google • Assess system compliance against NIST, DoW, and DHA security requirements to include the NIST 800-53 controls, and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) • Produce evidence as necessary to support compliance status of NIST, and DoW • Review and assess authorization boundary diagrams, service architecture diagrams, data flow diagrams, hardware and software inventories • Analyze vulnerability scans of information systems

🎯 Requirements

• Bachelor’s Degree and ten (10) years of experience with Cybersecurity / Information Technology, or eighteen (18) years of hands-on experience with Cybersecurity / Information Technology in lieu of degree • Active DoW Secret security clearance • DoW 8570-compliant certification • Demonstrated experience assessing, managing, engineering, or architecting cloud technologies from major vendors such as Microsoft, Amazon, or Google • A cloud related certification such as Google Certified Professional Cloud Architect, Microsoft Azure Fundamentals, AWS Certified SysOps Administrator, or ServiceNow Certified Administrator • Experience with Risk Management Framework • Experience in RMF package review, including POA&Ms (mitigation statements), Security Plans, Risk Assessments, architecture diagrams, hardware/software inventories, and system/site policies, procedures, and processes • Experience working within DoW • Experience in assessing systems using NIST 800-53 and/or DISA STIGs and SRGs

🏖️ Benefits

• KBR offers a selection of competitive lifestyle benefits which could include a 401K plan with company match • medical, dental, vision, life insurance, AD&D, flexible spending account, disability • paid time off • flexible work schedule • support career advancement through professional training and development

Apply Now

Similar Jobs

🕒 Yesterday

Guild Mortgage

1001 - 5000

💸 Finance

🏠 Real Estate

Senior IT Security Analyst at Guild Mortgage guarding enterprise systems and managing security tools. Responsible for advanced threat detection, response activities, and improving security posture.

🕒 Yesterday

Advocate Aurora Health

10,000+ employees

⚕️ Healthcare Insurance

Epic Application Analyst developing and analyzing security processes for healthcare applications. Leading configuration, testing, and user training in a remote setting from specified US states.

🇺🇸 United States – Remote

💵 $38 - $57 / hour

💰 $10.2M Grant on 2019-08

⏰ Full Time

🟡 Mid-level

🟠 Senior

🔐 Security Analyst

🕒 Yesterday

American Residential Services

5001 - 10000

👥 B2C

Threat Vulnerability AI Analyst at ARS-Rescue Rooter automating security operations using AI. Focused on vulnerability management and AI-driven workflows in a hybrid role.

🕒 Yesterday

American Residential Services

5001 - 10000

👥 B2C

Infrastructure Security Analyst at ARS-Rescue Rooter monitoring security posture for network, servers, and endpoints while coordinating with infrastructure teams.

🕒 Yesterday

Salesforce

10,000+ employees

☁️ SaaS

🤝 B2B

🤖 Artificial Intelligence

Information Security Analyst overseeing compliance and security initiatives in Salesforce's Government Cloud Division. Collaborating with stakeholders to enhance operational processes and implement innovative security solutions.