Cybersecurity Policy & RMF Analyst
Concept Plus
Job Description
<p style="font-family:"><b><strong style="font-size:18pt;white-space:pre-wrap;">About <a href="https://himalayas.app/companies/concept-plus">Concept Plus</a></strong></b><br><br><a href="https://himalayas.app/companies/concept-plus">Concept Plus</a> is a growing consulting firm headquartered in Fairfax, VA. We are an Oracle Gold Partner, offering deep technical expertise, combined with business insights and an experienced team focused on providing technical solutions for our clients. We are proud to have been recognized as one of the "25 Most Powerful Oracle Solution Providers" in the area! We offer great benefits including competitive pay, comprehensive health insurance, dental and vision insurance, paid life insurance, paid time off, 11 paid holidays, bonuses, tuition reimbursement, unlimited training, and the opportunity to work in a collaborative, flexible, innovative environment! For additional information about our dynamic organization, please visit our website. at www.conceptplus.com. </p><p style="font-family:"><b><strong style="font-size:18pt;white-space:pre-wrap;">About the role</strong></b></p><p style="font-family:"><a href="https://himalayas.app/companies/concept-plus">Concept Plus</a> is seeking a Cybersecurity Policy and RMF Analyst to provide Risk Management Support to identify shortfalls in the assessment and authorization process, track and manage Risk Assessments, assist in implementing a Risk Management strategy and tie together the business continuity of operations plan (COOP) and the IT COOP plans. </p><p style="font-family:"><b><strong style="font-size:18pt;white-space:pre-wrap;">What you'll do</strong></b></p><ul data-pattern="discCircleSquare" data-depth="1" style="font-family:"><li style="margin:3px 0px;font-size:11pt;line-height:1.6;letter-spacing:0.25px;">Adhere to the DoD cybersecurity policy requirements set forth in DoDI 8500.01, "Cybersecurity," and DoDI 8510.01, "Risk Management Framework (RMF) for DoD Information Technology (IT)" and their successors.</li><li style="margin:3px 0px;font-size:11pt;line-height:1.6;letter-spacing:0.25px;">Monitor identified risks and track response actions to ensure they support the customer Risk Management Strategy and are properly documented in a risk registry.</li><li style="margin:3px 0px;font-size:11pt;line-height:1.6;letter-spacing:0.25px;">Provide recommendations to business and IT leaders on best business practices followed in the industry to mitigate or remediate risks · Schedule, conduct, and track RMF validations for each IT Portfolio.</li><li style="margin:3px 0px;font-size:11pt;line-height:1.6;letter-spacing:0.25px;">Review of security controls, as part of a risk assessment, as needed to support an Authorization to Operate (ATO) of an investment.</li><li style="margin:3px 0px;font-size:11pt;line-height:1.6;letter-spacing:0.25px;">Review vulnerabilities and identify potential risks based on the type of vulnerability and the potential impact.</li><li style="margin:3px 0px