Cybersecurity Assessment & Authorization SME
Job Location:
Fairfax, VA - USA
Monthly Salary:
Not Disclosed
Posted on:
19 hours ago
Vacancies:
1 Vacancy
Job Summary
Serves as a Cybersecurity Subject Matter Expert (SME) with regards to Assessment and Authorization (A&A) of information systems and all associated cybersecurity policies and procedures. Performs a DOD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization. Possesses an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing a large organizations IT infrastructure such as DLAs in which there is a compilation of large and small enclaves AIS applications and outsourced IT processes. Determines the applicable severity value for an identified vulnerability (e.g.
non-compliant security control) and determines the possible ramifications on the systems current or future authorization. Briefs senior management on the progress or results of an information system undergoing the Risk Management Framework (RMF) process.
RESPONSIBILITIES
REQUIRED SKILLS & QUALIFICATIONS
If you are interested in getting more information about this opportunity please contact Irina Rozenberg at your earliest convenience.
At Ariel Partners we solve the most difficult problems that inhibit technology from enabling our customers to achieve their goals. Our vision is to be recognized by our stakeholders as an elite provider of IT solutions so when they have their biggest challenges we are on their short list. We are looking for team members who share our values of: Integrity to do the right thing even when it hurts; Commitment to the long-term success and happiness of our customers our people and our partners; Courage to take on difficult challenges accept new ideas and accept incremental failure; and the constant pursuit of Excellence.
Ariel Partners is an Equal Opportunity Employer in accordance with federal state and local laws.
non-compliant security control) and determines the possible ramifications on the systems current or future authorization. Briefs senior management on the progress or results of an information system undergoing the Risk Management Framework (RMF) process.
RESPONSIBILITIES
- Serve as the primary A&A cybersecurity SME guiding assessment and authorization of Legacy AMPS systems.
- Perform Risk Management Framework (RMF) assessments in accordance with NIST 800-53/800-37 guidelines.
- Assess evaluate and document security controls for complex enterprise IT systems including provisioning SSO and PAM environments.
- Conduct Authorization Reviews for existing and new systems; determine impact of vulnerabilities and provide mitigation recommendations.
- Coordinate with government stakeholders and PMO to ensure compliance with all applicable DoD cybersecurity policies procedures and regulations.
- Prepare and deliver technical reports briefing materials and evidence for audit and security compliance reviews.
- Monitor and maintain security posture of systems in development test and production environments including Cloud and on-premises infrastructure.
- Leverage AI/ML tools as appropriate to automate assessment tasks and identify potential security gaps.
- Provide guidance on emerging cybersecurity technologies cloud security and identity governance within the DLA environment.
REQUIRED SKILLS & QUALIFICATIONS
- Must hold Active Secret Clearance
- Bachelors degree in Cybersecurity Information Technology Computer Science or related field.
- Minimum 5 years of relevant experience in RMF and NIST A&A assessments.
- Strong knowledge of DoD/Federal cybersecurity policies and regulations.
- Experience with Identity & Access Management (IAM) systems Oracle Identity Manager and SSO solutions.
- Familiarity with Privileged Access Management (PAM) tools (e.g. CyberArk).
- Hands-on experience assessing cloud (OCI FedRAMP IL5) and on-prem systems.
- Knowledge of vulnerability assessment patch management and security compliance auditing.
- Excellent communication documentation and presentation skills; ability to liaise with government personnel and PMO staff.
- Certifications: DoD-approved 8570 Baseline Certification (IAM Level I); additional Cloud/Security Certifications preferred (e.g. CCSP CCSK).
If you are interested in getting more information about this opportunity please contact Irina Rozenberg at your earliest convenience.
At Ariel Partners we solve the most difficult problems that inhibit technology from enabling our customers to achieve their goals. Our vision is to be recognized by our stakeholders as an elite provider of IT solutions so when they have their biggest challenges we are on their short list. We are looking for team members who share our values of: Integrity to do the right thing even when it hurts; Commitment to the long-term success and happiness of our customers our people and our partners; Courage to take on difficult challenges accept new ideas and accept incremental failure; and the constant pursuit of Excellence.
Ariel Partners is an Equal Opportunity Employer in accordance with federal state and local laws.
About Company
Ariel Partners is an IT software consulting firm with experience executing some of the largest and most difficult technology projects.