Raven Technologies - Charlottesville, VA
posted 9 days ago
This position offers an exciting opportunity to join a small but growing team of dedicated technical experts focused on enhancing our nation's security. The role requires a comprehensive understanding of the Risk Management Framework (RMF) and its principles, including risk assessment, risk mitigation, and risk monitoring. As a member of the team, you will be responsible for supporting Assessment and Authorization (A&A) processes, which involve conducting security control assessments, performing risk assessments, and ensuring authorization to operate. Your expertise will be crucial in maintaining compliance and monitoring security controls effectively. In addition to A&A support, you will engage in continuous monitoring practices, which include security control monitoring, vulnerability management, and compliance reporting. Your knowledge of Continuous Risk Evaluation (CRE) engine integration will be essential, as you will work on risk scoring, threat analysis, and vulnerability management. Familiarity with Continuous Diagnostics and Mitigation (CDM) principles will also be necessary, as you will be involved in the continuous monitoring and mitigation of security threats. The role requires a solid understanding of automated cloud security management tools, including cloud security posture management, compliance, and governance. You will need to demonstrate knowledge of cloud security principles, including cloud security architecture, controls, and compliance. Additionally, familiarity with cybersecurity frameworks, particularly the NIST 800-53 Cybersecurity Framework, is essential. Experience with Security Information and Event Management (SIEM) systems, including log collection, analysis, and incident response, will be a significant part of your responsibilities. Lastly, a strong foundation in vulnerability management principles, including vulnerability scanning, penetration testing, and remediation, is required to ensure the security of our systems.