ConMon Validator

Description

This position is contingent upon award.

Requires an active TS/SCI with CI Poly clearance prior to consideration.

Program Description:

The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts Core Capabilities are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.

The Information Security Continuous Monitoring Validator provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:

•  Supports the Information Security Continuous Monitoring (ISCM) Program Lead and Validator Lead in standing up the customer’s Continuous Monitoring (ConMon) program.
•  Assists ConMon Validator Lead with developing ConMon Validation process improvement activities
•  Validates, for efficacy, ConMon control Bodies-of-Evidence (BOEs) entered in the ConMon tool
•  Guides, mentors and instructs program Information System Security Officers (ISSOs) on methods to improve ConMon BOE entry language
•  Guides, mentors and instructs program Information System Security Officers (ISSOs) on methods to improve fidelity of ConMon BOEs
•  Assist Security Control Accessors (SCAs), FISMA and Inspector General (IG) Teams on examining ConMon BOEs for official reporting
•  Proactively identify and provide metrics and reporting data appropriate for AO/DAOs to make sound risk decisions for continued authorization of systems
•  Initiate and participate in studies to improve ConMon reporting metrics
•  Recommend improvements on Enterprise Security Services (ESS) tool implementations

Requirements

Required:

•  Current U.S. Government Top Secret clearance with SCI eligibility with favorably adjudicated Polygraph
•  DoD 8570 certification in IAT or IAM
•  Strong attention to detail and organizational skills
•  Excellent communications skills
•  Self-starter requiring limited direction and supervision
•  Experience implementing RMF Process and NIST 800-53 technical controls, as well as developing and maintaining associated certification and accreditation documentation
•  Experience as an ISSO, Information System Security Manager (ISSM), SCA, or Delegated Authorization Official Representative (DAOR)Strong attention to detail
•  Ability to work in a team environment
•  Working knowledge of Microsoft tools; Outlook, Excel, PowerPoint, SharePoint
•  Excellent oral and written communications skills

Desired:

•  Information Security Continuous Monitoring experience
•  Self-starter requiring limited direction and supervision
•  Bachelors of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification (i.e. CISSP or CASP)
•  Experience briefing senior customer personnel
•  Experience supporting IC or DoD in the Cyber Security Domain with acquisition and project management
•  Experience with RSA Archer, Service Now, and Xacta
•  Cloud experience (certification preferred)