Vacancy expired!
About DMI
DMI is a global professional services company that specializes in digital strategy, design, transformation, and support. More than your basic systems integrator or big-box advisor, we are a new breed of partner that blends human-centric consulting and design with agile engineering, delivery, and global scale. We believe that digital transformation is an end-to-endless evolutionary process that requires technology solutions and partners that meet organizations where they are. Consultants at the core, DMI has been delivering mission-critical, enterprise-grade solutions since 2002 for more than a hundred Fortune 1,000 enterprises, various state and local government agencies, and all fifteen U.S. federal departments. DMI has grown to 2,100+ employees globally and has been continually recognized by top industry analysts as well as a Top Workplace in the USA and Remote. DMInc.com | Careers | Twitter | LinkedIn | Facebook About the Opportunity DMI is seeking a Cybersecurity/RMF Engineer with an analytical mindset and a detailed understanding of cybersecurity methodologies. To ensure success, the candidate must display an excellent understanding of technology infrastructure and have experience with Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, and Security Audits. Top candidates will have a thorough understanding of Risk Management Framework (RMF) and will have taken multiple systems through the Authority to Operate (ATO) process. Qualifications Duties and Responsibilities:- Support the Program Manager (PM) and Information Security Team by defining department RMF processes/procedures and creating Process Flow Diagrams (PFDs) to take systems through the Authority to Operate (ATO) process
- Provide recommendations on ATO boundaries to the Information Security Analysts
- Provide recommendations, and subject matter expertise to the PM and Customer on all matters pertaining to RMF and Information Systems Security
- Provide support to and assist System Owners develop ATO packets
- Support planning, implementing, managing, monitoring, and upgrading of security controls for the protection of the organization's data, systems, and networks
- Ensuring that the organization's data and infrastructure are protected by enabling the appropriate security controls
- Participating in the change management process
- Daily administrative tasks, reporting, and communication with the relevant departments in the organization
- Bachelor's degree from an accredited college or university in Computer Science, IT Systems, Cybersecurity, or other relevant field
- At least one (1) active industry security certification such as Security+, CISSP, etc.
- Experience in the Risk Management Framework (RMF) and Information Security Continuous Monitoring (ISCM) activities in accordance with the latest Security Assessment and Authorization Policy Guide (SAA)
- Experience with FISMA and FEDRAMP
- Proven experience reviewing network diagrams and defining ATO boundaries
- Experience creating/designing Process Flow Diagrams in Visio
- Ability to liaise with the customer and provide recommendations to achieve ATO's
- Experience with cloud security architecture
- Fundamental understanding of operating systems, including Windows and Linux
- Fundamental understanding of security controls for common platforms and devices, including Windows, Linux and network equipment
- Experience with the NIST, Cybersecurity Framework (CSF)
- Familiarity with the Center for Internet Security (CIS) standards
- Strong attention to detail with an analytical mind and outstanding problem-solving skills.
- Experience with incident detection, incident response, and forensics
- Great awareness of cybersecurity trends and hacking techniques
- Experience with Firewalls (functionality and maintenance), Office 365 Security, VSX, and Endpoint Security
- Proficiency in Python, C, Java, Ruby, Node, Go, and/or Power Shell
Vacancy expired!