Job Description

• Provide Risk Management Framework (RMF) subject matter expertise to the client.
• Coordinate with Authorizing Officials, System Owners, Engineers, ISSO and other applicable teams to create and update SSPs, SARs, SIAs, Security Impact Analysis and other applicable documentation for legacy on-prem and Cloud systems.
• Assess and determine the NIST 800-53 Control Status for multiple ATOs.
• Update and maintain POAMs and ATO packages in CSAM
• Ensure assessment and authorization packages are in compliance with Federal government compliance and client requirements.
• Familiarity and understanding of FedRAMP, Cloud systems and the Customer Responsibility Matrix (CRM)
• On-time submission of contract deliverables with special attention to quality and accuracy.
• Monitor, track, and report on daily, weekly, and monthly team program initiatives.
• Evaluate configuration management (CM) for information system security software, hardware, and firmware.

Other Job Specific Skills:

• Experience and knowledge of NIST SP 800-37, NIST SP 800-53r5 and NIST SP 800-82r3 standards.
• Experience and knowledge of performing risk and vulnerability assessments for the purpose of change management (SIA).
• POAM management, tracking and reporting.
• Experience with RMF and Cloud authorization processes and procedures.
• Experience with categorization of Federal government systems.
• Experience in policy implementation with a Federal government client.
• Technical writing skills to include SOPs and Control Implementation.

EEO Requirements

It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.

All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.

Physical Requirements

The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.

Disclaimer

The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.