Job Summary: We are seeking a skilled and detail-oriented Information Assurance Professional with expertise in one or more of the following frameworks: Risk Management Framework (RMF), Joint SAP Implementation Guide (JSIG), ICD-503, or NIST SP 800-53. The ideal candidate will play a critical role in ensuring the confidentiality, integrity, and availability of information systems across our organization. This role is suited for a professional who excels at navigating complex compliance requirements, identifying risks, and implementing effective security controls.
This is a 3-month contract-to-hire role; a current security clearance is preferred.

Responsibilities:
- Risk Management and Compliance:
  - Implement and manage the Risk Management Framework (RMF) process, ensuring all steps from categorization to continuous monitoring are executed effectively.
  - Apply requirements from JSIG, ICD-503, or NIST SP 800-53 to assess, document, and maintain security controls.
  - Conduct security risk assessments and vulnerability analyses for information systems.
- Documentation and Reporting:
  - Develop and maintain security documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Security Assessment Reports (SARs).
  - Prepare and submit reports to relevant stakeholders, such as Authorizing Officials (AOs) or Designated Accrediting Authorities (DAAs).
- Security Implementation and Monitoring:
  - Work with system administrators and engineers to implement technical and procedural security controls.
  - Monitor system security posture using automated tools and manual assessments.
  - Investigate and respond to security incidents and anomalies.
- Collaboration and Training:
  - Collaborate with cross-functional teams to ensure security requirements are integrated into system development and operations.
  - Provide guidance and training to staff on security policies, standards, and best practices.
- Continuous Improvement:
  - Stay updated on emerging threats, vulnerabilities, and regulatory changes.
  - Recommend and implement improvements to security policies, procedures, and tools.
$45 - $60 an hour