RMF Validation with Security Clearance

---

Job description

Ho'olaulima Government Solutions LLC (HGS) is a Small Business Administration-certified, Native Hawaiian Organization-Owned, 8(a) Small Business that provides services and solutions in the areas of Environmental Services, Information Technology Services, Healthcare Services and Professional and Technical Services to the Department of Defense and other Federal agencies. HGS is a wholly-owned subsidiary of the Kina'ole Foundation, a 501(c)(3) non-profit established to benefit Native Hawaiian communities. You will receive a comprehensive benefits package that includes: Health insurance
Dental insurance
Life insurance
401K
Disability insurance
and much, much more! Duties and Responsibilities: Provide recommendation, support and advice in the implementation, management, maintenance and growth of the commands A&A program.
Provide subject matter expertise in support of the Risk Management Framework (RMF) Assessment and Authorization (A&A) process.
Provide NCTAMS PAC and four subordinate commands RMF support to ensure the Naval Authorization Official's (NAO) requirements have been met for all NCTAMS PAC and subordinate commands owned systems.
Perform security control assessments on RMF packages before submission to Echelon II, Security Control Assessor (SCA), Security Control Assessor Liaison (SCAL), and the NAO.
Perform risk assessments on NCTAMS PAC and subordinate commands owned circuits, systems, or other information system that processes, stores, transmits and/or displays DoD/DON information based on findings from Security Control Assessment. Provide articulated findings in the required reportable format as defined by NAO, which include but are not limited to DISA manual STIGs, DISA automated SCAPs, and Tenable's ACAS security tools.
Organize and update weekly Authority to Operate (ATO) status tracker for all security packages within the NCTAMS PAC AOR. Provide weekly tracker status to the command A&A manager.
Utilizing Risk Assessment Report, Security Implementation Guide (STIG) Checklists, Assured Compliance Assessment Solution (ACAS) and other tools provided by the Government, analyzes the results of general cybersecurity- related technical problems relating to risk, threats, vulnerabilities, mitigation, or remediation analysis of information systems and applications throughout the systems development life cycle (from inception to decommission). Provide analysis, updates, and reports via eMASS in support of the command Assessment & Authorization (A&A) Manager.
Assist Government personnel in the affected areas in the completion of RMF documentation and procedures required to obtain an accreditation (e.g. Authority to Operate (ATO), Authority to Operate with Conditions (ATO w/ Cond), Authority to Connect (ATC), Authority to Connect with Conditions (ATC w/ Cond), etc.) for NCTAMS PAC and subordinate command owned sites and systems.
Within six months of hire, achieve Navy Qualified Validator (NQV) certification in order to conduct security control assessments of RMF packages.
Assist Government personnel in the affected areas with the implementation, evaluation, and direction in the development of RMF required artifacts to include, but not limited to, Security Plans, Security Assessment Plans, Continuous Monitoring Strategy, Test Plans, Risk Assessment Reports (RAR), and Plan of Action and Milestones (POA&M) for NCTAMS PAC and AOR security packages.
Assist the A&A manager with processing Boundary Change Requests (BCR) for the IT- 21 PRNOC Enterprise by verifying the relevant A&A information for the target systems are valid prior to processing. These actions include confirming that a valid ATO exists for the target system as well as ensuring the associated ports, protocols and services for the proposed source/destination IPs are both DISA Category Assurance List (CAL) compliant and properly registered for boundaries 07 and 08 within the system's Ports, Protocols, and Services Management (PPSM) record. All Urgent BCRs must be processed within 3 business days whereas routine BCRs are to be processed within 5 business days, per NAO's requirements.
Other duties as assigned by Supervisor. HGS is an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

<!– job description page –>