It Cybersecurity Specialist

Job Description

Job Description

Principal Duties and Responsibilities (

• Essential functions)
• Perform RMF activities leading to system RMF acceptance IAW DoDI 8510.01, NIST 800-series special publications, USAF policy and instructions, and AFRL RMF guidance as applicable on Engineering Directorate IT systems in networked, standalone and Amazon Web Services (AWS) / Azure cloud configurations.
• Shall also possess and be able to utilize experience in implementing and enforcing IT security policies and procedures, reviewing IT security requirements to determine impact to existing procedures and be fully competent in the execution of RMF system requirements, be capable of identifying vulnerabilities and risks of IT systems, and be able to write necessary get well plans for any deficiencies that cannot be immediately corrected, recommending solutions with little or no supervision.
• Accomplish system categorization, security control selection, security control implementation, security control assessment, and security control monitoring, including but not limited to accomplishing the RMF steps as outlined in DoDI 8510.01 on a system-by-system basis.
• Develop review, and update the necessary documentation associated with achieving RMF accreditation of each system as required. The Contractor needs to apply the currently accepted methods for documenting the RMF status of each system within the DoD environment.
• Coordinate RMF tasks associated with the effort with Engineering Directorate IT Management Branch personnel and its cybersecurity liaison.
• Comply with various DoD and AF RMF policies including, but not limited to, the following :
• DoDI 8500.01 Cybersecurity
• DoDI 8510.01 Risk Management Framework for DoD Information Technology
• DoD 8570.01M Information Assurance Training / Certification / Workforce Management
• CNSSI 1253 Security Categorization / Control Selection for National Security Systems
• NIST 800-series Special Publications (SP), Computer Security , including;SP 800-53 Security Controls and Assessment Procedures, AFI 17-130 Air Force Cybersecurity Program Management, AFI 17-101 Air Force Risk Management Framework (RMF) Program, and AFI Series 17 Cyberspace

Required Experience

One of the following combinations of education / experience :

Bachelors or Masters Degree in a related field and at least 7 years of experience in the respective technical / professional discipline being performed, three of which must be in the DoD;

Minimum of five years experience for networked and cloud systems

IAM Level II certification or higher

Previous Assessment and Authorization (A&A) experience, including RMF, of Air Force and DoD information systems.

U.S. Citizenship required; Active DoD Secret Clearance required.