- Ensure application of security patches for commercial products integrated into system design and meet the timelines for the intended operational environment; ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
- Conduct inspections, assessments, and security reviews for unclassified and classified networks weekly.
- Provide compliance assessment analyses derived from the use of Government-provided scanning tools or checklists for all networks.
- Implement, apply, execute, and enforce STIG standards and processes to achieve uniform quality and consistency throughout all unclassified and classified network device lifecycles.
- Provide vulnerability and compliance assessment analyses derived from the use of government provided scanning tools i.e., ACAS and DoD Enterprise Security Solution (formerly HBSS) or manual checklists for unclassified and classified networks.
- Support daily operations, network accreditation, and compliance with security policies, DoD and Army regulations, OPORDs, and directives using automated and manual audits; fully support information systems confidentiality, availability, integrity, authentication, and non-repudiation.
- Participate in Change Control Boards (CCB), Technical Review Boards (TRB), and Engineering Review Boards (ERB) for all networks.
- Provide technical support in implementing, applying, executing, and enforcing RMF standards to achieve uniform quality and a level of consistency throughout all unclassified and classified network device lifecycles.
- Perform analysis on network assets and individual users for compliance with cybersecurity policies, directives, and best business practices using Government-provided automated tools such as: Comply to Connect (C2C), ESS, Host Intrusion Prevention Systems (HIPS), Intrusion Detection Systems (IDS), rogue device detection, proxy servers, Network Access Control (NAC), and auditing/logging tools.
- Provide documentation for RMF Compliance; conduct compliance reviews and create supporting artifacts for RMF packages for all current and future unclassified and classified networks.
- Draft, review, and maintain required DoD cybersecurity RMF documentation and artifacts to ensure full compliance with current DoD 8500.1, 8500.2, AR 25-2, and NIST as well as superseding policies and regulations.
Years of Experience: 2+
Education/Certifications: Requires IAT or IAM Level I certifications, to include one of the following: A+, CCNA-Security, CND, Network+ CE, SSCP, CAP, Cloud+, GSLC, Security+ CE, or HCISPP
Clearance Level: Secret with T3 investigation; IT Level II
COMPANY INFORMATION: Bravura is a rapidly growing Woman Owned Small Business (WOSB) that provides professional and engineering services, technology solutions and product offerings to DoD, Federal Civilian agencies. Bravura is an Equal Opportunity Employer. Bravura does not discriminate against employees or applicants for employment on any legally recognized basis (protected class) including, but not limited to: veteran status, uniform service member status, race, color, religion, sex, national origin, age, physical or mental disability, genetic information or any other protected class under federal, state, or local law. These are positions that require a U.S. Citizenship.