Liberty IT Solutions, a Booz Allen company, was founded on the principles of challenge and change. We are looking for talented individuals that want to challenge the assumptions of what an IT partner is capable of delivering and help our clients achieve the transformational change that is critical for their success. If you have the knowledge, the experience, and the drive to succeed, Liberty has a place for you. We are committed to help you to realize your potential and achieve success in your career.
Please submit your resume and we'll contact you as soon as relevant positions open up that fit your skills and background.It is the policy of Liberty IT Solutions, LLC to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state or local laws unless such distinction is required by law.
Mid-level RMF Support Analyst
- Job Title
- Mid-level RMF Support Analyst
- Job ID
- Melbourne, FL 32940
- Other Location
Summary: The Risk Management Framework (RMF) Support Analyst guides multiple Liberty ITS program deliverables through our customer’s RMF Process, ensuring the deliverable achieves an Authorization to Operate (ATO) on schedule. The Analyst effectively leverages their knowledge and familiarity with the customers’ RMF processes to secure this ATO by the required date, raising any concerns that may impact the ATO being granted and resolving any issues. Using their thorough knowledge of cybersecurity principles, concepts, policy and regulations, the RMF Support Analyst performs the role of System Steward to complete the deliverable’s eMASS record, with special emphasis on control implementation verbiage to ensure it is clear, concise and accurately depicts how the security and privacy controls are met. Working with program members and the IS Owner, the Analyst identifies IS risks and possible mitigation measures, documenting these in various risk reports and Plans of Action and Milestones (POA&M). The RMF Analyst also serves a mentor to a junior analyst, ensuring their wealth of cybersecurity knowledge is passed on to the next generation of RMF Analysts.
Required Education: Bachelor degree in Cybersecurity, Computer Science, Electronic Engineering or other engineering or technical discipline is required
Required Years of Experience: 4-7 years’ experience in cybersecurity, at least two of those years being RMF experience; 8 years of additional relevant experience may be substituted for the required education
- Possess hands-on experience processing an Information System (IS) through a Federal government RMF process
- Ability to translate technical IS configurations into non-technical documentation
- Knowledge of RMF requirements and automated tools to validate compliance with these requirements
- Knowledge of business process engineering, requirement engineering, and testing practices
- Possess the ability to create/analyze requirements accountability records
- Ability to verify that software and its documentation are compliant with applicable requirements
- Ability to work in a team with diverse backgrounds
- Are proficient in MS Office applications, including Word and Excel
- Strong problem solving and critical thinking skills
- Ability to prioritize workload and multi-task multiple projects
- Hands-on experience with security tools like Data Leak Protection (DLP), Nessus/Security Center, Nagios, Splunk, eMASS/Xacta/CMAS, etc.
- U.S. Government security clearance, Position of Public Trust (PPT) background investigation or the ability to achieve a PPT
- 1-2 years Department of Veterans Affairs (VA) RMF experience
- Current VA PPT background investigation
- Microsoft SharePoint management
- Experience working in an ISO/CMMI/DevSecOps environment
- Understanding of Software Development Lifecycle Process, especially Agile Development (SCRUM and/or Kanban)
- Rational, Atlassian JIRA experience
- Minimum of a Security+CE; CISSP or other advanced CompTIA/ISC2/ISACA/GIAC security certifications preferred