Systems Security Engineer, Senior

Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the United States of America.

RMC is hiring for a Systems Security Engineer, Senior to support a Department of the Navy (DoN) customer in Port Hueneme, CA.

Responsibilities include the following:

• Managing the Risk Management Framework (RMF) packages associated with corporate and research, development, test, and evaluation (RDTE) information systems in Enterprise Mission Assurance Support Service (eMASS).
• Supporting includes coordination with the cybersecurity team to ensure efforts align with mission objectives. Support includes coordination with the network operations and software development teams to ensure valid and accurate testing results are provided [Assured Compliance Assessment Solution (ACAS) vulnerability scans, Defense Information System Agency (DISA) Security Technical Implementation Guide (STIG) checklists, and Assessment Procedure (AP) assessments] which are then uploaded to eMASS and Vulnerability Remediation Asset Manager (VRAM), as required.
• Must be proficient with the Department of Navy RMF Process.
• Must be familiar with Department of Defense Instructions (DoDI) 8500.01 and 8510.01, and the National Institute of Standards and Technologies (NIST) Special Publication series.
• Must possess a working knowledge of one or more of the following: ACAS, DISA STIGs, eMASS, and VRAM to include the ability to parse test results and produce the associated RMF documentation.
• Familiarity with additional toolsets and technologies that support RMF processes including STIGViewer and Vulnerator is preferred.
• Familiarity with the Navy RMF Process Guide (RPG) is preferred.
• Familiarity with Naval Sea Systems Command is preferred.

Requirements

• Minimum five years of experience with the DoD Cybersecurity Authorization & Accreditation processes and tools (to include RMF and eMASS).
• Minimum five years of Cybersecurity system auditing and monitoring experience (to include Inspector General inspection and Command Cyber Readiness Inspection criteria).
• Experience with the Navy’s ACAS system and Navy’s VRAM.
• BS degree and three to five (3-5) years of experience with Information Technology or Cybersecurity –OR– eight (8) years of hands-on experience with Information Technology or Cybersecurity.
• Demonstrate one of the following qualified and current certifications:
• GSLC
• CISSP
• CISM
• CAP
• CASP

• Security Clearance: An Interim DoD Secret Clearance is required to start. Personnel may be required to obtain and maintain a TS clearance. Applicant selected may be subject to a security investigation and must meet eligibility requirements for access to classified information.

Preferred Skills

• Graduate Degree from accredited University or CNSSI 4012 or NDU CISO certificate or NDU CIO certificate or AQD GA8. or successful completion of military training course: NEC 2779 (CIN: A-531-0009) or 3372 or (EKMS Manager CIN W-3B-1500 ) or A-4C-1340 (KMI) (or DOD Service equivalent)
• Experience with DoD or DoN cybersecurity policies and procedures.
• Experience managing DoD Cybersecurity Program requirements and deliverables.
• Knowledge of HBSS, Firewall, IDS, and IPS.

Benefits

At RMC, we're committed to your career growth! RMC differentiates itself from other firms through its investment in our employees. We invest our resources to train, certify, educate, and build our employees. RMC can offer you a great place to work with a small company feel and give you the experience and certifications that will take your career to the next level. RMC also offers high-quality, low-deductible healthcare plans and a competitive 401K package.

Salary at RMC is determined by various factors, including but not limited to location, a candidate's specific combination of education, knowledge, skills, competencies, and experience, as well as contract-specific requirements.