Isso
Current• Facilitate movement of multiple information systems through the RMF process and maintain accreditations through continuous monitoring and annual reviews• Provide solutions to complex problems that require the regular use of expertise and creativity. Problems are broadly defined and solutions require the continuation of specialized theories and knowledge• Conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs• Actively lead and participate in regular A&A status meetings with government and contract personnel to facilitate progress and address potential issues of RMF system efforts• Participate in sessions aimed at identifying, planning, and executing strategies in response to emerging cybersecurity/RMF policies• Maintain awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes• Develop, update, and/or review RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports• Assess system compliance against NIST, and DoD security requirements to include the NIST 800-53 controls, and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)• Produce evidence as necessary to support compliance status of NIST and DoD security requirements• Work with system administrators, engineers, and developers to create or update system/site policies, procedures, and process guides• Coordinate with other system SMEs to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories• Analyze vulnerability scans of information systems and assist in remediation tasks• Lead or attend meetings with stakeholders to discuss statuses of efforts• Submit weekly reports to leadership regarding system/program status