Cybersecurity /Risk Management Framework (RMF) Subject Matter Expert (SME)

at General Dynamics Information Technology
Location Honolulu, HI
Date Posted May 9, 2020
Category Default
Job Type Full-time

Description

Travel Required: None

Public Trust: None

Requisition Type: Regular

The GDIT Cybersecurity SME will:

  • Support the Information System Security Manager (ISSM) in requesting Authority to Connect (ATC) for new systems to be connected to production networks with a Change Request to the existing Risk Management Framework (RMF) / DoD Information Assurance Certification and Accreditation Process (DIACAP) accreditations. 
  • Consistently communicate with the major Cybersecurity stakeholders of the project on a weekly basis on all RMF progress and barriers to current and future progress in addition copies of the constructed RMF artifacts
  • Be responsible for all Cybersecurity actions (at a minimum any Interim Authority to Test (IATT), Authority to Connect (ATC), Authority to Operate using the security controls of CNSSI-1253, and include life-cycle Cybersecurity maintenance of the system.
  • Conduct/Lead ad-hoc meetings to discuss all Cybersecurity matters with P2E Cybersecurity, ICAN ISSM and anyone involved with this project (i.e., USARPAC, 311th SC(T), RCC-P, etc.), the GDIT PM and the government representatives
  • Work with the GDIT Engineering team to ensure the engineering design for each new system incorporates Cybersecurity criteria for the system components in accordance with (IAW) applicable Army Regulations (ARs), DoD regulations, and DISA STIGs
  • Support the Engineering team in developing a cyber-resilient system design and compliant baseline configuration for every type of device comprising the system
  • Document the Cybersecurity criteria and implementation plan for a cyber-resilient engineering design in the System Design Plan (SDP) and Engineering Implementation Plan (EIP). 
  • Develop, collect, and deliver Cybersecurity Artifacts to the ISSM to support entry into eMASS. (USG will coordinate to provide the Cybersecurity/RMF SME an eMASS Admin account). All Cybersecurity Artifacts documents must meet the local ICAN ISSM required quality standards.
  • Ensure all IT systems are fully compliant with all cyber security requirements of the network infrastructure and Visual Information Systems (VIS). Each system will utilize a standardized baseline configuration. 
  • Comply with DoD RMF process and work with the local ICAN ISSM of that enclave, system, or network to comply with current DoD policy and Army Regulation for Cybersecurity certification and accreditation process requirements.
  • Submit a POA&M for the systems, to include identification of control vulnerabilities for Non-compliant Test Result findings and Not Applicable (N/A) findings

Minimum Education:  A Bachelor’s degree in Computer Science or Information Systems, or equivalent experience.

Minimum Experience:  Recommend five (5) years’ experience on DoD Cybersecurity /RMF process.

Minimum Certifications/Qualifications:  IAT/IAM Level 3 Certified IAW DoD 8570.01 (example:  CISSP)

Duty Location:  Fort Shafter, Hawaii, with some local telework allowed.

Clearance:  Top Secret

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.