USARMY DEVCOM Information Security Analyst (RMF SME)

Principal Duties and Responsibilities (*Essential Functions):

COLSA is seeking an experienced Risk Management Framework (RMF) Subject Matter Expert (SME) to support the US Army Development Command (DEVCOM) HQ. This position requires expertise in support of RMF Assess and Authorize (A&A) activities related to accreditation of DEVCOM enclaves, applications, closed restricted networks, and standalone information systems within Enterprise Mission Assurance Support Service (eMASS).

• Perform the supporting technical role and actions necessary to support and participate in the Cybersecurity authorization of DEVCOM unclassified and classified networks and systems.

• Develop, document, enforce, audit, remediate and update cybersecurity controls, policies, procedures, Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) requirements for all information systems.

• Develop, maintain, and disseminate Standard Operating Procedures (SOPs), training artifacts, and policies to streamline RMF and other cybersecurity efforts across DEVCOM and the Centers/Army Research Laboratory.

• Provide RMF program support that will enable DEVCOM and subordinate organizations to obtain, support and maintain ATO approvals for DEVCOM IT systems, applications, and networks.

• Work with DEVCOM and subordinate organization Cybersecurity teams to assist in preparation of documentation and technical data necessary for compliant ATO package submissions in eMASS.

• Review vulnerability and compliance scans of information systems hardware and software, review and monitor audit records of information systems, and work with organizational teams to recommend remediation for security flaws and configuration issues.

• Disseminate and maintain guidance (SOPs, training artifacts, policies, etc.) that needs to be distributed to sub-organizations. Develop procedures and processes to assist with RMF lifecycle and implementation, including tracking cybersecurity compliance posture for DEVCOM and subordinate organizations.

• Assist with implementation of Information Assurance Vulnerability Management (IAVA) Program dissemination, reporting, and compliance procedures; prepare, distribute, and collect supporting data and ensure timely response for all taskers.

At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our "Family of Professionals!" Learn about our employee-centric culture and benefits here (~~~/) .

Required SkillsRequired Experience

• Bachelor's Degree or higher in related field

• Minimum of 15 years of work-related experience

• DoD 8570 IAM Level II/III certification

• Strong knowledge and experience of Risk Management Framework (RMF) package creation and maintenance using eMASS.

• Ability to clearly present and communicate compliance plans, policies, and procedures.

• Strong written and verbal communication skills

• Previous experience with creating and maintaining Plans of Action and Milestones (POA&Ms), Standard Operating Procedures (SOPs), and other RMF artifacts.

• SECRET security clearance required; US Citizenship required

Preferred Qualifications

• Graduate Level Degree

• Operating System certification

• Work experience with eMASS or equivalent tool for managing RMF Assessment and Authorization (A&A) activities.

• DoD 8570 IAM Level III Certification

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.