This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

FWI is building a team to provide Program Management Office (PMO) Support Services for the Defense Agencies Initiative (DAI), ensuring the cybersecurity posture of a DoD-wide financial management ERP system that serves over 30 Defense Agencies and Field Activities. As a Cybersecurity Assessment and Authorization SME, you will execute all seven steps of the Risk Management Framework, maintain the system's Authority to Operate, and provide expert guidance on security control assessment, vulnerability management, and compliance with federal and DoD cybersecurity policies.

**Position is contingent upon contract award**

Work Schedule and Location:

• Remote: This is a full-time remote position.
• Work is performed Monday through Friday during standard core business hours (6:00 AM – 5:30 PM ET).
• Occasional travel to Fort Belvoir, VA may be required.
• This role also requires periodic access to classified information at a government facility.

Responsibilities

• Perform all 7 steps of the Risk Management Framework (RMF) per DoDI 8510.01, producing required deliverables at each step.
• Develop, maintain, and update RMF packages including System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), and Plans of Action & Milestones (POA&M).
• Ensure compliance with federal, DoD, and DLA cybersecurity requirements, policies, and standards.
• Provide ISSE and ISSM support including security operations, account management, and DLA CERT IAVA tracking.
• Conduct vulnerability assessments using ACAS scanning and report findings.
• Support INFOCON and Incident Response planning, execution, and exercises.
• Develop and maintain the DAI Program Protection Plan and Acquisition Cybersecurity Strategy.
• Support Continuity of Operations (COOP) planning, exercises, and validation testing.
• Provide cybersecurity engineering support including integration of emerging security technologies.
• Manage audit log review and analysis; provide recommendations for improving audit capabilities.
• Support PKI engineering, policy development, and training.
• Perform STIG configuration execution and validation.
• Support DLA compliance assessment efforts through IACV program.

Qualifications

• 5 years of relevant Risk Management Framework (RMF) and NIST A&A experience.
• DoD cybersecurity experience.
• Experience assessing security controls and conducting authorization reviews for large, complex organizations.
• Experienced in the general tenets supporting overall DoD authorization process implementation.
• Knowledgeable in cybersecurity of emerging technology areas such as Cloud, Industrial Control Systems, warehouse execution systems, and Operational Technology (OT) infrastructures.
• Certified in accordance with DoDD 8140.01/DoDD 8570.01/DoD 8570.01-M for applicable cybersecurity duties.
• Must hold an active DoD Top Secret clearance.

Benefits

• Health Insurance
• Dental Insurance
• Vision Insurance
• Long-term and Short-term Disability Insurance
• Life Insurance
• 401(k) Plan
• Holiday Pay
• Paid Time Off

Pay Range

Negotiable