ISSO/ RMF Expert

• Develop, review, and obtain Government approval of a plan to assess the security controls, and documents. Deliverables for Assessment Preparation include a SAP and ROE.
• Assess the security controls in accordance with the assessment procedures defined in the SAP. Deliverables for Security Control Assessment include, but are not limited to, a Security Categorization Review, a System Security Plan Analysis, and a Security Assessment.
• Prepare the SAR documenting the issues, findings, and recommendations from the security control assessment. Deliverables for SAR include, but are not limited to, an SAR that includes a Vulnerability Assessment and a Briefing (slides and meeting support).
• Conduct initial remediation actions based on the findings and recommendations of the SAR. Deliverables for Remediation Actions include, but are not limited to, an Issue Resolution Report and a Remediation Status Report.
• Basic Qualifications:
o Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field PLUS twelve (8) years of experience in developing FISMA and RMF documentation hands-on.