Job Description :
Skill : Security Engineer (with RMF, STIG)
Location : Virginia Beach, VA
Duration : Long-term
Position Description:
Leads overall security program for NEXCOM engagement, support the eCommerce application.
Author and maintain security related work products and deliverables, e.g. System Security Review (SSR), Secure Technical Implementation Guide (STIG), POA&M, etc.
Provides single point of accountability support to security functions for eCommerce.
Serves as team member and collaborate with other functional and technical teams.
Manage the client security relationship for eCommerce and coordinate, where applicable, with Retail Management System (RMS) counterparts
Support updating Integrated Master Schedule (IMS) milestones and other IBM program management related activities for security.
Collaborate with client teams, external assessors, and the IBM teams to ensure an Authority to operate is achieved for the system.
Required Skills:
Must have prior working experience with DIACAP and DoD RMF
Must have experience designing and implementing security controls for FIPS 199 Moderate impact or better systems
Must have experience achieving an Authority to Operate (ATO) for a FIPS 199 Moderate or higher information system
Preferred Skills:
Ideal candidate has supported at least one transition from DIACAP to DoD RMF
Ideal candidate has experience with enterprise ecommerce/websites, Oracle Commerce applications or Oracle retail applications
Provide primary job duties: Be specific in one-line bullets for the top 5 job duties required in the position in order of importance with the percentage of time required to do that duty in the job. The percentages must add to 100%.
Job Duty 1 with % of time -60% RMF
Job Duty 2 with % of time -20% STIGS
Job Duty 3 with % of time -10% IA Controls
Job Duty 4 with % of time - 5% Coordination with RMS Project
Job Duty 5 with % of time – 5% Guiding GBS team on RMF requirements
Please provide me a latest copy of your updated resume.
Thank you