Parsons Corporation JOURNEYMAN RISK MANAGEMENT FRAMEWORK (RMF) ANALYST in Reston, Virginia
In a world of possibilities, pursue one with endless opportunities. Imagine Next!
When it comes to what you want in your career, if you can imagine it, you can do it at Parsons. Imagine a career working with intelligent, diverse people sharing a common quest. Imagine a workplace where you can be yourself. Where you can thrive. Where you can find your next, right now. We’ve got what you’re looking for.
Parsons is looking for an amazingly talented RMF Analyst to join our team!
What You'll Be Doing:
As a Journeyman RMF Analyst you will provide support to a broader Information Assurance (IA) Team in their efforts to develop and provide Assessment & Authorization (A&A) packages, to include development and analysis of required policies and other deliverables as required throughout the RMF lifecycle, to obtain and maintain Authorizations to Operate (ATOs) for assigned DoD programs.
Provide support to the full RMF lifecycle, including, but not limited to, assistance with system security categorization, system security control selection, tailoring, enhancement, compensation and supplementation, system security control assessments and implementation, artifacts, and continuous monitoring support.
Conduct risk and vulnerability assessments of systems and implement security configurations utilizing DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) and automated scanning software
Analyze system design, identify risks, and provide support to the development of mitigation plans of action
Participate in sessions aimed at identifying, planning, and executing strategies in response to emerging cybersecurity/RMF policies
Maintain awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes
Assist with A&A issues that may be preventing the system/enclave from receiving an ATO
Assess system compliance against NIST, DoD, JSIG, and other security requirements to include the NIST 800-53 controls and DISA STIGs/SRGs
Produce evidence as necessary to support compliance status of NIST, DoD, and other security requirements to include cybersecurity risk assessment reports as well as internal risk management procedure documentation
Perform cyber risk assessments on enterprise environments, suppliers, and software to identify cybersecurity risks
You will lead cyber projects, as well as collaborate closely with business stakeholders, supplier contacts, and other IT service teams on documentation, POAMs, network security design, implementation, threat mitigation
You will provide risk management decisions with regards to company solutions, policies, and security practices
Independently and collaboratively conduct cybersecurity assessments of suppliers and environments according to prescribed evaluation criteria and/or policies/regulations and deliver within established timeframes
Independently review and analyze third party COTS and Open-Source code/software for enterprise risk, performing Static Code Analysis scans and analysis and investigating code vulnerabilities using supply chain risk management process
Work with system administrators, engineers, ISSM, ISSO, and security POCs to create or update system/site policies, procedures, and system security plans
Analyze and audit vulnerability scans of information systems and assist in remediation tasks
Develop, update, and/or review RMF documentation to include Plans of Action and Milestones (POA&Ms) and Risk Assessment Reports
Coordinate with other IA Team members and system SMEs to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories
Attend meetings with stakeholders to discuss statuses of efforts
What Required Skills You'll Bring:
Bachelor of Science degree in an Information Technology or Cyber Security major with 2 years of work experience in a cyber security role (in lieu of a degree, 4 years of experience and professional cyber certifications may be considered to meet qualification requirements)
Demonstrated excellent verbal and written communication skills
Minimum of an IAT level I/IAM I certification that is 8570 compliant.
Experience with the Linux Operating System
Experience with scripting and programming
What Desired Skills You'll Bring:
Knowledge of network security as well as ability to read network security diagrams and data flow charts
Excellent project and time management skills
Experience and ability to work well in a remote role/team
Demonstrated skills in STIG incorporation and auditing IS components.
Minimum Clearance Required to Start:
This position is part of our Federal Solutions team.
Our Federal Solutions segment delivers resources to our US government customers that ensure the success of missions around the globe. Our diverse, intelligent employees drive the state of the art as they provide services and solutions in the areas of defense, security, intelligence, infrastructure, and environmental. We promote a culture of excellence and close-knit teams that take pride in delivering, protecting, and sustaining our nation's most critical assets, from Earth to cyberspace. Throughout the company, our people are anticipating what’s next to deliver the solutions our customers need now.
$92,200.00 - $161,400.00
The position may require a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief as required by customer requirements and, in some cases, federal, state, provincial or local mandates.
Parsons is an equal opportunity employer committed to diversity, equity, inclusion, and accessibility in the workplace. Diversity is ingrained in who we are, how we do business, and is one of our company’s core values. Parsons equally employs representation at all job levels for minority, female, disabled, protected veteran and LGBTQ+.
We truly invest in and care about our employees' wellbeing and provide endless growth opportunities as the sky is the limit, so aim for the stars! Imagine next and join the Parsons quest—APPLY TODAY!
About Us
Parsons is a digitally enabled solutions provider focused on the defense, security, and infrastructure markets. With nearly 75 years of experience, Parsons is uniquely qualified to deliver cyber/converged security, technology-based intellectual property, and other innovative services to federal, regional, and local government agencies, as well as to private industrial customers worldwide.
Parsons is an equal opportunity, drug-free employer committed to diversity in the workplace. Minority/Female/Disabled/Protected Veteran/LGBTQ+.
For more about Parsons, visit parsons.com and follow us on Facebook, Twitter, LinkedIn, and YouTube.