Responsibilities
- Ensure adherence to Department of Defense cybersecurity requirements, including NIST 800-53 Revision 5, FedRAMP, Risk Management Framework, and DoD Impact Level 4 and 5 standards.
- Deploy and manage security monitoring tools, perform regular vulnerability scans, and apply zero-trust architecture principles across systems.
- Develop and maintain comprehensive security documentation such as System Security Plans, Security Assessment Reports, and Plans of Action & Milestones to support compliance and audits.
- Manage and oversee the Authority to Operate lifecycle, ensuring all required controls, assessments, and documentation are completed and submitted.
- Prepare and deliver the Cybersecurity Compliance & Risk Assessment Report, detailing identified vulnerabilities, risk treatment approaches, and control implementation status.
Other
- This role is dependent on the successful award of a contract.
- Adherence to Department of Defense cybersecurity standards including NIST 800-53 Rev. 5, FedRAMP, RMF, and DoD IL-4/IL-5 policies is required.
- Maintenance of system security documentation such as SSPs, SARs, and POA&Ms is a core responsibility.
- The position includes leading and monitoring ATO processes from initiation to closure.
- Timely submission of the Cybersecurity Compliance & Risk Assessment Report is mandatory.