SMX is seeking an RMF A&A Analyst to support our Marine Corps customer at Camp Lejeune in North Carolina.
As the RMF A&A Analyst, you will be part of a team that will be increasing mission effectiveness through Operation Security (OPSEC). You will conduct internal holistic assessments of both Unclassified and Classified DoD networks. The team assesses activity, processes, and operations to determine current posture to the baseline requirements and develops risk and vulnerability reports with recommendations for short and long-term mitigation for leadership consideration.Ultimately, the RMF A&A Analyst will provide support to test and assess the effectiveness of the operating forces in garrison in detecting, blocking, and preventing attacks and breaches.
Based upon findings, the team will make recommendations to mitigate risks and vulnerabilities found and preventative measures for strategic implementation.
The RMF A&A Analyst responsibilities will include the following:
- Reoccurring cyber assessment to analyze cybersecurity controls and document recommendations to remediate vulnerabilities.
- Assessment of all enterprise networks for identification, detection, protection, response, and recovery measures.
- Identification of cybersecurity risks and risk score for decision-making based upon where the asset could be exploited, the likelihood of exploitation, and the total impact that exploit as aligned to cybersecurity compliance requirements.
- On-site and remote compliance checking of systems and applications, and security reviews of application hosting environments.
- Vulnerability assessment, both remote and on-site, in accordance with DoD Cyber Readiness Inspections standards and the Marine Corps Cybersecurity Vulnerability Assessment and Analysis Strategy (MCVAAS), conducting security documentation reviews, physical and traditional security assessments, compliance checking of applicable technology areas, systems and applications
- Updated competency standards, qualifications framework and assessment guidelines for team Standard Operating Procedures (SOP) as directed.
Required Skills and Experience:
- Clearance Required: Secret
- A minimum of three (3) years’ experience conducting DoD network assessments
- DoD Directive (DoDD) 8140.01compliant (Security+ or equivalent)
- Meet Marine Corps Privilege User access requirements of current publication of Enterprise Cyber Security Manual 007
Desired Qualifications:
- Bachelor’s Degree
- One (1) year Marine Corps network management experience
- Five (5) years’ experience conducting code reviews.
- Two (2) years’ experience in Penetration Testing
- Three (3) years’ experience in security evaluation
#LI-JJ1 #cjpost #LI-OnsiteAt SMX®, we are a team of technical and domain experts dedicated to enabling your mission. From priority national security initiatives for the DoD to highly assured and compliant solutions for healthcare, we understand that digital transformation is key to your future success.We share your vision for the future and strive to accelerate your impact on the world. We bring both cutting edge technology and an expansive view of what’s possible to every engagement. Our delivery model and unique approaches harness our deep technical and domain knowledge, providing forward-looking insights and practical solutions to power secure mission acceleration.SMX is committed to hiring and retaining a diverse workforce.
All qualified candidates will receive consideration for employment without regard to disability status, protected veteran status, race, color, age, religion, national origin, citizenship, marital status, sex, sexual orientation, gender identity or expression, pregnancy or genetic information. SMX is an Equal Opportunity/Affirmative Action employer including disability and veterans. Selected applicant will be subject to a background investigation.