This role provides information security solutions compliant with the Risk Management Framework (RMF) and ICD 503 Security Accreditation control as part of an Agile team. Responsibilities include collaborating with the customer security organization to ensure RMF processes are followed, policy is translated to operational procedures, proper tools are leveraged in the DevSecOps CI/CD Pipeline, and verification that security policy and procedures are enforced. This role performs security scans, reviews scan results, and provides application architecture consultation. Flexible cross-training to also provide systems engineering, software development, training, security, and testing is also desired.
- This role is responsible for protecting the organization's information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording and destruction.
- Duties include managing and enforcing security strategies and policies within established guidelines.
- Responsibilities include IT Security Strategy, CyberSecurity, and Compliance and Risk Management.
EDUCATION & EXPERIENCE: Requires BS degree and 12 years of prior relevant experience or Masters with 10 - 13 years of prior relevant experience. May possess a Doctorate in technical domain.
- Experience with the Risk Management Framework (RMF) and ICD 503 Security Accreditation processes.
- Experience coordinating with Information System Security Managers (ISSM) in testing, documenting, and achieving accreditation of systems throughout the development process, and achieving operational acceptance.
- Candidate must have an active TS/SCI with a polygraph.