ConMon Validator Lead

Program Description:

The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts Core Capabilities are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.

Position Description:

The Information Security Continuous Monitoring Validator Lead provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:

• Supports the Information Security Continuous Monitoring (ISCM) Program Lead in standing up the customer's Continuous Monitoring (ConMon) program.
• Develop ConMon Validation process improvement activities
• Validates, for efficacy, ConMon control Bodies-of-Evidence (BOEs) entered in the ConMon tool
• Guides, mentors and instructs program Information System Security Officers (ISSOs) on methods to improve ConMon BOE entry language
• Guides, mentors and instructs program Information System Security Officers (ISSOs) on methods to improve fidelity of ConMon BOEs
• Assist Security Control Accessors (SCAs), FISMA and Inspector General (IG) Teams on examining ConMon BOEs for official reporting
• Proactively identify and provide metrics and reporting data appropriate for AO/DAOs to make sound risk decisions for continued authorization of systems
• Initiate and participate in studies to improve ConMon reporting metrics
• Recommend improvements on Enterprise Security Services (ESS) tool implementations

Job Requirements

Qualifications:

Required:

• Current U.S. Government Top Secret clearance with SCI eligibility
• Favorably adjudicated Polygraph
• DoD 8570 certification in IAT or IAM
• Demonstrated experience leading small teams
• Strong attention to detail and organizational skills
• Excellent communications skills
• Self-starter requiring limited direction and supervision
• Experience implementing RMF Process and NIST 800-53 technical controls, as well as developing and maintaining associated certification and accreditation documentation
• Experience as an ISSO, Information System Security Manager (ISSM), SCA, or Delegated Authorization Official Representative (DAOR)Strong attention to detail
• Ability to work in a team environment
• Working knowledge of Microsoft tools; Outlook, Excel, PowerPoint, SharePoint
• Excellent oral and written communications skills

Desired:

• Information Security Continuous Monitoring experience
• Self-starter requiring limited direction and supervision
• Bachelors of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification (i.e. CISSP or CASP)
• Experience briefing senior customer personnel
• Experience supporting IC or DoD in the Cyber Security Domain with acquisition and project management
• Experience with RSA Archer, Service Now, and Xacta
• Cloud experience (certification preferred)

Travel

1-25%

Security Clearance

Top Secret/SCI/CI Poly