Day to day activities may include the following:
Providing technical and compliance administration support for the Assessment and Authorization (A&A) of Risk Management Framework (RMF) packages, for the Marine Corps Community Services (MCCS) world-wide network (MCCSNet) and systems.
Developing, reviewing, and assessing risk boundaries, package content, and submittal requirements for all Compliance initiatives, in accordance with Payment Card Industry (PCI) Data Security Standard (DSS), Federal, DOD, DON, and HQMC Command, Control, Communications & Computers for Cyber security (C4/CY) policy and standards.
Conducting systems security audits, risk assessments, and vulnerability analysis and reporting
Providing cyber security oversight and support for HQ MCCS and subordinate field commands.
Conducting vulnerability scans, system assessments, risk analysis, and technical recommendations to validate compliance.
Assists technical staffs with development of plans of action and milestones (POAM) and tracks progress to project/task completion.
Expertise in the following areas is preferred:
A&A cloud expertise with understanding of data center and cloud computing in the following priority order:
Military equivalent training in Information Assurance and/or Computer Network Defense specialized Military Occupational Specialty (MOS) appropriate to the requirements of this position is a plus .
ACAS or Tenable Security Center Continuous View
Risk Management Framework (RMF)
Vulnerability and Risk Assessment, Analysis, and Reporting
DISA Security Content Automation Protocol (SCAP) content and Security Technical Implementation Guides (STIGS)
Security Compliance Checker, STIG Viewer, and Vulnerator
Malware and Virus prevention, detection, and remediation
Analysis of system auditing and logging
Active Directory, Microsoft System Center Configuration Manager (SCCM)
DON Application and Database Management System (DADMS)
Department of Defense (DoD) Information Technology Portfolio Repository (DITPR) /Department of Navy (DON)
Federal Risk and Authorization Management Program (FedRAMP)
Networking, System Administration Windows and Unix/Linux platforms
Database Administration and Application Development
USN and/or USMC Certification and Accreditation tools eMASS and MCCAST
Patch Management, Incident Response, and Asset/Inventory Management
DoD 8500. 01 and DoD 8510. 01 and National Institute of Technology Standards (NIST) publications
Payment Card Industry Data Security Standards (PCI DSS) Requirements
Education and Clearance Requirements:
BS & 8 yrs. experience