Cyber Risk Management Framework (RMF) Subject Matter Expert

company banner
Perspecta
Risk Management, Security, System, Architect, Developer, Engineer, Networking, CSP, IT
Full Time

Job Description

Responsibilities

The Cyber/Risk Management Framework (RMF) SME leads and manages all aspects the cyber security systems engineering of a space/ground acquisition program including the Risk Management Framework (RMF), the System Security Plan, and implementation of the Plans of Action and Milestones (POA&M) process. The leads serves as the technical subject matter expert for all security architecture design and cyber resiliency.
• Provides analytical and technical security recommendations to the customer
• Lead for the identification of projects' security requirements
• Provides security recommendations for systems using Cloud services
• Participates in network design reviews and security testing for the customer's networks
• Coordinates with system development teams to ensure network security standards are being followed and implemented correctly
• Identifies additional security requirements, based on RMF or as the result of security issues that put the customer's systems at risk
• Reviews and analyzes new systems (hardware and software) and provides recommendations concerning their security
• Reviews Security Requirements Traceability Matrixes (SRTMs), System Security Plans (SSPs) and other IA documentation for completeness
• Develop security controls and derived requirements
• Develop and coordinate RMF documentation and supporting artifacts for the assessment and authorization (A&A) of the system.
• Develop and implement a Continuous Monitoring (ConMon) Strategy
• Support the development of a cyber-threat model that describes the types of threats
• Lead the development and implementation of a Plan of Actions and Milestones (POA&M) process
• Support the development of a system security architecture in the form of diagrams and descriptive
The Cyber/Risk Management Framework (RMF) SME provides feedback to design engineers and evaluates end-to-end systems and systems-oriented products through their entire life cycle. Working as expert, conducts research and evaluates technical performance of software products and overall segments and systems. Ensures products and systems comply with requirements and government information assurance and cyber security standards and practices through formal verification methods. Verifies/validates systems with specific emphasis on network operations and cyber warfare tactics, techniques, and procedures focused on the threat to information networks. Assesses performance using evaluation criteria and technical performance measures. Prepares assessments and cyber threat profiles of current and planned products based on sophisticated testing, research, and analysis. Participates in design reviews of components (hardware and software) to ensure applicability to the current system and traceability of requirements. Reviews test plans/procedures and ensures they verify/validate the requirements. Develops and maintains analytical procedures to meet changing requirements. Produces high-quality papers, presentations, recommendations, and findings for senior US government intelligence and operations officials.

Qualifications

Requires 12 to 15 years with BS/BA or 10 to 13 years with MS/MA or 7 to 9 years with Ph.D.
Desired qualifications include:
• Current U.S. Government Top Secret/SCI with Poly
• An Advanced Cyber Certification (DoD 8570/8140 IAT Level III)
• A certification in one of the below Cloud certifications:
• CompTIA Secure Cloud Professional (CSCP)
• CompTIA Cloud+ CE
• AWS certification (Associate or Professional in Solutions Architect, Developer, DevOps Engineer, or Security Advanced Networking)
• Certified Cloud Security Professional (CCSP)
• Cloud Certified Professional
• Google Certified Professional Cloud Architect
• Certificate of Cloud Security Knowledge
• VMWare Certified Advanced Professional - Cloud Infrastructure Administration
• Microsoft Specialist: Implementing Microsoft Azure Infrastructure Solutions
• Microsoft Specialist Architecting Microsoft Azure Solutions
• At least 3 year of demonstrated experience providing security engineering to cloud capabilities and solutions in AWS, Azure or other mainstream CSP
• Excellent communications skills - Verbal and Non-Verbal

About Peraton

Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the can't be done, solving the most daunting challenges facing our customers.
We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.

As a government contractor, Peraton abides by the following provision

Pay Transparency Nondiscrimination Provision

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c).



Company Information

Every day at Perspecta, we enable hundreds of thousands of people to take on our nation's most important work. We're a company founded on a diverse set of capabilities and skills, bound together by a single promise: we never stop solving our nation's most complex challenges. Our team of engineers, analysts, developers, investigators, integrators and architects work tirelessly to create innovative solutions. We continually push ourselves—to respond, to adapt, to go further. To look ahead to the changing landscape and develop new and innovative ways to serve our customers. Perspecta works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets. Our high-caliber employees are rewarded in many ways—not only through competitive salaries and benefits packages, but the opportunity to create a meaningful impact in jobs and on projects that matter. Perspecta brings a diverse set of capabilities to U.S. government customers in defense, intelligence, civilian, health care and state and local markets. Our 260+ patents are more than just pieces of paper, they tell the story of our innovation. With offerings in mission services, digital transformation and enterprise operations, our team of 14,000 engineers, analysts, investigators and architects work tirelessly to not only execute the mission, but support the backbone that enables it. Perspecta was formed to take on big challenges. We are an engine for growth and success, and we enable our customers to build a better nation. Perspecta's talented and robust workforce—14,000 strong—stands ready to welcome you to the team. Let's make an impact together.
Dice Id : 10166753
Position Id : 7173_104334
Originally Posted : 2 months ago

Similar Positions at Perspecta

Space Payload Subject Matter Expert
  • Chantilly, VA
  • 2 days ago
Satellite Bus Subject Matter Expert
  • Chantilly, VA
  • 2 days ago
Information Security Subject Matter Expert
  • Washington, DC
  • 2 days ago
SIGINT Subject Matter Expert III
  • Fort Meade, MD
  • 2 days ago
Risk Engineer
  • Chantilly, VA
  • 2 days ago
Risk Lead
  • Chantilly, VA
  • 2 days ago
Expert Cloud Engineer
  • Chantilly, VA
  • 2 days ago