Cybersecurity Assessment and Authorization

NexGen Data Systems is hiring for a Cybersecurity Assessment and Authorization (A&A) Subject Matter Expert (SME). The ideal candidate for this role will have experience performing DOD cybersecurity processes while authorizing an information system and/or serving as a SME for an information system undergoing authorization. This role will have direct communication with senior management and be responsible for briefing leadership on the progress or results of an information system undergoing the Risk Management Framework (RMF) process. Experience managing POA&Ms and a strong understanding of RMF is required to be successful in this role. This position is an on-site/hybrid role based out of either Fort Belvoir, VA OR Washington, D.C. Roles and Responsibilities: Performs a DOD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization. Identify the applicable NIST 800-53 controls to apply to the process of assessing and authorizing a large organization's IT infrastructure.
Determines the applicable severity value for an identified vulnerability.
Determines the possible ramifications on the system's current or future authorization. Briefs senior management on the progress or results of an information system undergoing the Risk Management Framework (RMF) process.
Manage Plans of Actions and Milestones (POA&Ms) resulting from system vulnerabilities from ACAS scans and STIG checks
Maintain package artifacts and test results within eMASS.
Coordinate with configuration management personnel to process Requests for Change (RFCs) into Use Cases.
Review and recommend updates to package artifacts such as policies and procedures to address non-compliant controls.
Assist with annual security reviews to maintain ATOs.
Identify and coordinate with ATO stakeholders to ensure system documentation reflects current system security configurations to include hardware and software components; data flow; interconnections; and ports, protocols, and services, etc.
Develop risk acceptance documentation for pending vulnerabilities. Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. Requirements
Desired/Required Skills: Five (5) years of relevant Risk Management Framework (RMF) and NIST A&A experience.
Department of Defense Top Secret clearance required.
CCSP-Analyst Certification required.
DOD cybersecurity experience.
Experience in assessing security controls and conducting authorization reviews for large, complex organizations.
Experienced in the general tenets supporting the overall DOD implementation of its authorization process, to include supporting cybersecurity policy, procedures, and processes.
Knowledgeable in the cybersecurity of emerging technology areas such as Cloud and Industrial Control Systems (ICSs), warehouse execution systems and Operational Technology (OT) infrastructures.
Outstanding organizational and time management skills.
Excellent communication and interpersonal abilities.
Reliable with exceptional work ethic.
Detail oriented with self-motivated attitude.
Collaborative, team focus to support cohesive work team.
Ability to handle competing priorities with high expectations in a team-oriented environment.
About the Company: NexGen Data Systems is an emerging technologies focused company providing expert systems and network engineering solutions to the Department of Defense. NexGen Data Systems promotes a culture of knowledge and career advancement through continued learning, keeping our team current on the latest advances in systems and networking, and enabling our team to provide the best available solutions to our clients. Benefits: Company covers 100% of premiums for the employee's medical, dental, and vision insurance and subsidizes premiums for spouse and dependents.
Company provides short and long term disability plans.
401(k) match up to 10% of the employee's salary contributions to 401(K) plan.
Comprehensive training and development program.
11 paid holidays and paid time off (PTO) accrual level starts at 15 days annually. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. NOTE: US Citizens and those authorized to work in the US are encouraged to apply. In order to be qualified for this position, you must be able to obtain and maintain a United States Department of Defense (DoD) security clearance. We are unable to sponsor Visas at this time. NexGen Data Systems provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.