Be on Alert – Fraudulent Employment Offers. Learn More
Cyber Security Specialist - RMF
Working at ICF
Working at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth. If you’re seeking to make a difference in the world, visit www.icf.com/careers to find your next career. ICF—together for tomorrow.
ICF is looking for Cyber Security Specialists with experience in the DoD Risk Management Framework process for information systems. You will support the design, analysis, development, configuration, testing, training, securing and auditing of developed software, Linux operating systems, and VMWare Virtual environments. We're focused on providing our customers with expertise in the areas of computer security, information technology, information assurance and computer networking to develop and deploy state of the art capabilities. This project provides a unique opportunity to join a team that is focused on developing and securing superior products while encouraging the career growth of its members. This position is based in Centreville, VA.
- Assists the Cybersecurity Lead in planning, executing, and monitoring the six-step risk management framework (RMF) process for information systems (IS).
- Assists in defining the authorization boundary of the IS.
- Analyzes the IS and recommends categorization levels in accordance with NIST and CNSSI requirements.
- Prepares, maintains, and updates the system security plan.
- Assists in creation of the initial security control baseline, identifying common and hybrid controls, applying overlays, and tailoring.
- Prepares, maintains, and updates the continuous monitoring strategy.
- Configuration scanning to validate system configuration.
- Application of Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs).
- Identification of vulnerabilities and application of patches.
- Preparation, maintenance, and updating of security control policies and procedures and assists in creation of select policies and procedures, as required.
- Prepares, maintains, and updates the plan of action and milestones (POA&M).
- Prepares teams for security control assessments.
- System Administration of Red Hat Linux, and VMWare VSphere / ESXi systems.
- 3 years of Risk Management Framework (RMF) experience
- BA or BS in IT or relevant program
- Active DoD TS Clearance. Eligible for SCI
- IAT Level II certified (CISSP, CASP etc. )
- Certified Authorization Professional (CAP) or successful completion of “RMF for DoD IT” course
- Experience applying STIGs and SRGs
- Experience using ACAS, Red Hat Satellite, VROM, or Fortify
ICF is an equal opportunity employer that values diversity at all levels. (EOE – Minorities/Females/ Protected Veterans Status/Disability Status/Sexual Orientation/Gender Identity)
Reasonable Accommodations are available for disabled veterans and applicants with disabilities in all phases of the application and employment process. To request an accommodation please email email@example.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: EEO is the law and Pay Transparency Statement.
Virginia Client Office (VA88)