Duties May Include:

• Apply RMF processes to support system Assessment & Authorization (A&A), including control selection, implementation, assessment, and continuous monitoring


• Develop, review, and maintain security documentation such as SSPs, POA&Ms, SARs, and ATO artifacts in tools such as XACTA or eMASS


• Conduct vulnerability assessments and compliance scans (e.g., ACAS) and track remediation of findings and IAVM requirements


• Implement and validate security controls aligned with NIST 800-53, CNSSI 1253, and related DoD guidance


• Support system hardening, patching, and configuration management in compliance with STIGs for Linux, Windows, and network devices


• Monitor systems for security events and support incident response and risk mitigation activities


• Assess security impacts of system changes and support configuration control boards (CCBs)


• Collaborate with system enginee...