IS and Cybersecurity Professional – Senior Specialist (IA-RMF)

In support of the Air Force Information Network (AFIN), Network/Cyberspace Operations mission, performing Information Assurance (IA)/Risk Management Framework (RMF) responsibilities.

This position supports the 688^th Cyberspace Wing (688 CW) as a Subject Matter Expert (SME) in managing and maintaining IA/RMF compliance and ensuring continuous monitoring (CONMON) of authorization to operate (ATO) packages for numerous systems. The IA/RMF Senior Specialist provides inputs and completes taskings related to Information Assurance audits, inspections, reviews, Staff Assistance Visits (SAVs), and Certification and Accreditation (C&A) packages.

• Develop, maintain, and improve strategy for maintaining artifacts and controls to support ongoing systems updates to ATO packages to ensure systems maintain all items within established timeframes
  • Identify and examine artifacts required weekly, monthly, quarterly, and annually
  • Identify and prioritize critical items and operational risk items
  • Review of orders and directives for updates in reporting requirements
  • Create monthly assessment reports of all systems for delivery to customers and leadership for process improvement and awareness
    • Coordinate with unit personnel on CONMON tasks and critical areas of improvement
    • Provide situational awareness to 688 CW leadership of system risks
    • Perform ongoing CONMON for the 688 CW enterprise packages, maintaining all controls and artifacts in the Enterprise Mission Assurance Support Service (eMASS)
      • Perform monthly updates of higher-priority controls and a rotating selection of control families to ensure that all controls are examined at least annually.
      • Ensure that all artifacts are updated prior to expiration, including all monthly, quarterly, and annual updates to priority, operational, and administrative items.
      • Revise policies to support DAF transition to NIST SP 800-53 Revision 5.
        • Review updated policies, create and implement templates for risk controls in need of revision and expansion.
        • Provide SME support to units in maintaining and creating system ATOs across NIPR and SIPR systems and in obtaining ATOs for new systems in development
        • Provide SME support for Information Technology Investment Portfolio Suite (ITIPS) for the registration and maintenance of 688 CW systems to report budgets, IA / Federal Information Security Management Act (FISMA), and other high-level interest items to federal officials
        • Provide SME support for Xacta to assist with current and future system ATOs on JWICS

• Required
  • IAM III = CISM, CISSP, CCISO, GSLC, or higher
  • Desired
    • CISSP

• Required
  • TS/SCI