Compliance & Monitoring: Perform periodic self-inspections, tests, and reviews to ensure all workstations and systems operate within authorized/accredited parameters.
A&A Management: Lead Assessment and Authorization (A&A) activities, including certification testing and the development of System Security Plans (SSP), Risk Assessment Reports (RAR), and Security Controls Traceability Matrices (SCTM).
Continuous Monitoring: Maintain the day-to-day security posture of classified systems through event log analysis and the management of Continuous Monitoring (ConMon) and Plan of Action and Milestones (POA&M) reports.
Security Sustainment: Execute hardware and software change management, account management, media protection, and secure file transfers.
Stakeholder Coordination: Act as a key liaison between project stakeholders, the Facility Security Officer (FSO), and IT teams to maintain an acceptable information system security posture.
Corporate Support: Assist in certifications and audits (ISO/IEC 27001, CMMC) for unclassified IT systems and provide service desk support for general corporate IT incidents.
Requirements
Familiarity with RMF-based training courses (Categorization, Control Selection, Implementation, and Monitoring).
Prior experience supporting ISO/IEC 27001:2013 or CMMC audits.
Technical familiarity with hardware/software change management tools.
Experience in a Service Desk or technical support environment.
Ready to Apply?
Join Redhorse and make an impact in renewable energy