Risk Management Framework Cyber SME

TMC Technologies is seeking a Risk Management Framework (RMF) subject matter expert to support our Space Systems Command (SSC) customer in Albuquerque NM. This position primarily supports collateral Top Secret and below programs performing all aspects of DoD RMF activities. The successful candidate possesses experience ranging from documenting implementing and assessing security controls to performing system monitoring and compliance assessment activities. We need a team player who enjoys expanding and sharing their knowledge and training others. You will be involved in all aspects of cybersecurity operations and will partner with program/site leads as well as government staff and mission partners to maintain an effective information security program.

Job Duties/Responsibilities:

Lead and work as part of an integrated team to develop and maintain RMF body of evidence documentation (e.g. System Security Plan Security Controls Traceability Matrix Plan of Action and Milestones etc.) using Enterprise Mission Assurance Support Service (eMASS) and/or Microsoft products such as Word Excel PowerPoint and Visio
Maintain repositories of all body of evidence documentation for systems under your purview and ensure they are accessible only to properly authorized individuals
Develop and execute security control assessment procedures to verify conformance with control requirements as part of ongoing continuous monitoring and authorization assessment activities
Work in close coordination with system administrators and other cyber team members to ensure systems are operated maintained and disposed of in accordance with applicable security policies and procedures and notify the ISSO/ISSM when changes occur that might impact system authorization posture
Ensure all security-related vulnerabilities and deficiencies are documented in the Plan of Action and Milestones (POA&M)
Ensure the development and implementation of an effective information security education training and awareness program
Ensure configuration management policies and procedures for authorizing use of hardware/software on a system are followed and coordinate any additions changes or modifications to hardware software or firmware with the ISSO/ISSM prior to the addition change or modification

Bachelors degree in Computer Science Cybersecurity or other related field and nine (9) years or more experience or Masters degree and seven (7) years or more experience
Active Top Secret security clearance with ability to obtain SCI within 3 months of hire
Five (5) years of experience working in information assurance or cybersecurity roles supporting classified DoD environments
DoD 8570 IAM Level II or higher baseline certification (CISSP preferred but other qualifying certs are acceptable - CISM CCISO CASP or CGRC)
Strong working knowledge of NIST 800-53 controls and RMF
Experience analyzing and interpreting outputs of various endpoint security vulnerability and enumeration tools (e.g. Tenable Nessus Security Center SolarWinds EndPoint Security Solutions Vulnerator SCAP Compliance Checker)