Skip to content
Risk Management Framework Engineer
| Company | RTX |
|---|
| Location | Largo, FL, USA |
|---|
| Salary | $101000 – $203000 |
|---|
| Type | Full-Time |
|---|
| Degrees | Bachelor’s |
|---|
| Experience Level | Senior, Expert or higher |
|---|
Requirements
- A strong understanding and knowledge of computers, network, and security systems.
- Strong analytical, critical thinking, and problem-solving skills.
- Ability to work well independently under limited oversight, be self-directed and able to prioritize work.
- Typically requires a degree in Science, Technology, Engineering or Mathematics (STEM) and minimum 8 years prior relevant experience or an Advanced Degree in a related field and minimum 5 years of experience.
- Must be able to attain and maintain a DoD 8570 IAT Level II certification (Security+ or CISSP preferred).
- Active and transferable TS/SCI U.S. government issued security clearance is required prior to start date.
Responsibilities
- Execute and administer Information Assurance (IA) duties for information systems processing National Security Information.
- Work under the technical oversight of the Information Assurance Domain Lead and/or Information Technology staff and interact with functional management personnel and customer personnel on a regular basis.
- Ensure all National Industrial Security Program Operating Manual (NISPOM) requirements are implemented, and functional, and correctly documented using the Risk Management Framework (RMF).
- ICD 503 (a.k.a. Risk Management Framework) experience, including experience with ICD 503-related artifacts, including the SCTM, SAR, RAR, Continuous Monitoring Plan, and others.
- Experience developing System Security Plans (SSPs) and all supporting certification and accreditation documentation.
- Experience implementing the JSIG, DCID, DITSCAP, DIACAP or NISPOM requirements to include technical computer/network system auditing.
- Experience working directly with ISSMs and/or SCAs to review, update, and explain accreditation documentation.
- Understanding of STIGs, ACAS and other hardening and vulnerability management tools.
- Previous experience with ICD 705, JSIG, and JAFAN 6/3.
- Travel in support of tasks above on an as-needed basis.
Preferred Qualifications
- Ability to work with an extremely risk adverse customer and their policies.
- Ability to quickly switch tasks based on changing priorities.
- Ability to adapt both an offensive and defensive mindset to support securing information systems.
- Excellent writing, speaking, analytical, project management, organizational, and customer service skills.
- Deep understanding of NIST SP 800-series publications.
