Responsibilities:

• Security Policy Development and Implementation:
• Develop, implement, and enforce information security policies and procedures in accordance with RMF, NIST, and FISMA standards.
• Ensure that security policies align with industry best practices and comply with applicable regulatory requirements.
• Risk Management Framework (RMF) Compliance:
• Lead the execution of the RMF process for information systems, including security categorization, control selection, implementation, assessment, and authorization.
• Conduct security control assessments and ensure the successful authorization of systems in compliance with RMF guidelines.
• NIST Framework Implementation:
• Implement and maintain security controls based on NIST guidelines and standards.
• Stay current with updates and changes to NIST publications, and incorporate relevant changes into the organization's cybersecurity posture.
• FISMA Compliance:
• Manage and oversee FISMA compliance activities, including the development and maintenance of required documentation.
• Coordinate with internal and external stakeholders to ensure FISMA requirements are met and maintained.
• Security Auditing and Monitoring:
• Conduct regular security audits to identify vulnerabilities and assess the effectiveness of security controls.
• Implement continuous monitoring processes to detect and respond to security incidents in a timely manner.
• Incident Response and Mitigation:
• Develop and maintain an incident response plan and coordinate incident response activities.
• Collaborate with relevant teams to investigate and mitigate security incidents and breaches.
• Training and Awareness:
• Develop and deliver cybersecurity training programs to enhance the awareness and skills of employees regarding security best practices.
• Stay informed about emerging threats and vulnerabilities to provide timely training and guidance.
• TS/SCI required