Herren Associates - Washington, DC

posted about 2 months ago

Full-time
Washington, DC
Professional, Scientific, and Technical Services

About the position

At Herren Associates, we are dedicated to driving innovation within the Federal landscape, particularly in the realms of Cyber Security, Engineering, and Management Consulting. Our firm is passionate about fostering career progression and aligning motivated professionals with rewarding career opportunities. With over thirty years of experience supporting a diverse array of clients in the Public Sector, we invite you to explore our dynamic organization and the significant role you can play as we continue to make an impact in the years to come. The Cybersecurity Certification and Accreditation (C&A) Analyst will act as a Subject Matter Expert (SME) regarding the authorization of information systems and all associated cybersecurity policies and procedures. The ideal candidate will possess a comprehensive understanding of the Department of Defense (DOD) implementation of its authorization process, including the supporting cybersecurity policies, procedures, and processes. Candidates should demonstrate expertise in how the security controls outlined in NIST 800-53, NIST 800-82, and the Purdue Model apply to the validation and authorization of Operational Technology (OT) and Federal Risk and Compliance System (FRCS) infrastructures and systems. Strong communication skills, both written and verbal, are essential for this role, as the Cybersecurity C&A Analyst will be responsible for briefing senior management on the progress and results of information systems undergoing the authorization process. This position requires a proactive approach to problem-solving and the ability to work collaboratively with various stakeholders to ensure compliance with established cybersecurity standards and frameworks.

Responsibilities

  • Serve as a Subject Matter Expert (SME) on the authorization of information systems and associated cybersecurity policies and procedures.
  • Support the DOD implementation of its authorization process, including cybersecurity policy, procedures, and processes.
  • Apply knowledge of NIST 800-53, NIST 800-82, and the Purdue Model to validate and authorize OT/FRCS infrastructures and systems.
  • Assess security controls and conduct authorization reviews for large, complex organizations.
  • Communicate effectively with senior management regarding the progress and results of information systems undergoing the authorization process.

Requirements

  • 5 years of relevant Certification and Accreditation (C&A) experience.
  • 3 years of experience with the Enterprise Mission Assurance Support Service (eMASS).
  • Strong knowledge of NIST 800-82 Rev 2 and the Purdue Model.
  • Experience in assessing security controls and conducting authorization reviews for large, complex organizations.
  • DOD cybersecurity experience.
  • Possession of DHS ICS 301/301V or 401/401V certificates.
  • DOD Secret Clearance.
  • Eligibility for IT II.
  • Relevant certification meeting DOD 8570.01 IAM level III.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service