Key Facts

Remote From:

Full time

Senior (5-10 years)

English

Hard Skills

Authorization (Computing) Cyber Defense Vulnerability Management Infrastructure Security Oracle Cloud Splunk Oracle Data Guard Online Communication

Other Skills

•
Analytical Thinking
•
Critical Thinking
•
Social Skills
•
Non-Verbal Communication

Roles & Responsibilities

Five (5) years of relevant Risk Management Framework (RMF) and NIST AA experience
DOD cybersecurity experience
Experience in assessing security controls and conducting authorization reviews for large, complex organizations
DOD Secret Clearance and IT-II Non-Critical Sensitive security clearance or Tier 3 (T3)

Requirements:

Serves as a cybersecurity Subject Matter Expert (SME) regarding Assessment and Authorization (AA) of information systems
Determines the applicable severity value for an identified vulnerability
Briefs senior management on the progress or results of an information system undergoing the Risk Management Framework (RMF) process
Run and Analyze system and software scans

Amyx, Inc.

About Amyx, Inc.

At Amyx, Inc., a wholly owned subsidiary of Tetra Tech, our mission is to exceed our customer's expectations on every contract, to provide an environment that encourages, recognizes and rewards the extraordinary contributions of our employees, and to advance and support the communities in which we work and live. Amyx is a management and technical solutions provider and a "trusted partner" to our Federal Government clients on programs of national importance. We understand that successful programs require superior performance and a level of trust achieved through genuine rapport with the customer. Award-winning results have propelled Amyx to become one of the fastest growing businesses in the Washington Region. Amyx's service offerings include: - Program Management and Acquisition Support - Systems Engineering and Implementation - Enterprise Architecture - Business Process Transformation Amyx is also a Microsoft Certified Partner and a recognized leader in leveraging Microsoft platforms, applications, and associated information systems. Amyx services can be easily retained by using the General Services Administration (GSA) IT and MOBIS schedule contracts, Government Wide Acquisition Contracts (GWACs), Indefinite Delivery/Indefinite Quantity (ID/IQ contracts), and Blanket Purchase Agreements (BPAs).

Company type: SME

Founded: 2018

Company size: 501 - 1000

Website LinkedIn See all jobs →

Job description

Overview:

Amyx is seeking a Cybersecurity Assessment and Authorization Subject Matter Expert to join our Defense Logistics Agency program remotely

Responsibilities:

Serves as a cybersecurity Subject Matter Expert (SME) with regards to Assessment and Authorization (A&A) of information systems and all associated cybersecurity policies and procedures.
Performs a DOD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization.
Possess an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing a large organization’s IT infrastructure such as DLA’s, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes.
Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control) and determines the possible ramifications on the system’s current or future authorization.
Briefs senior management on the progress or results of an information system undergoing the Risk Management Framework (RMF) process.
Must have the ability to communicate accurate information

Daily Tasks:

Run and Analyze system and software scans
Develop and track POA&Ms relative to scan findings
Coordinate with DLA ISSMs on vulnerability management and continuous ATO management
Work with Operations and Developments teams to address security findings, apply STIGs and manage the IAVA process
Participate and support a SAFe agile release methodology with testers embedded in the Agile Release Train (ART)
Conduct review meetings for reported issues with stakeholders and move issues through process
General understanding of software testing methodologies
Have practical and working knowledge of all Microsoft Office applications
Analytical and Critical Thinking Skills
Quality interpersonal skills
Quality oral and written communication skills

Supported Technologies:

Oracle e-Business Suite R12, Oracle Federal
Oracle Cloud infrastructure (OCI)
Splunk
Fortify
Oracle Cloud Guard

Qualifications:

Required Qualifications:

Five (5) years of relevant Risk Management Framework (RMF) and NIST A&A experience
DOD cybersecurity experience
Experience in assessing security controls and conducting authorization reviews for large, complex organizations.
Experienced in the general tenets supporting the overall DOD implementation of its authorization process, to include supporting cybersecurity policy, procedures, and processes.
Knowledgeable in the cybersecurity of emerging technology areas such as Cloud and Industrial Control Systems (ICSs), warehouse execution systems and Operational Technology (OT) infrastructures.
DOD Secret Clearance and must possess IT-II Non-Critical Sensitive security clearance or Tier 3 (T3)

Desired Skills and Qualifications:

OCI Certified
Experience with an Agile Framework
Experience with the Continuous ATO process and integration of those processes with an Agile Framework

Benefits include:

Medical, Dental, and Vision Plans (PPO & HSA options available)
Flexible Spending Accounts (Health Care & Dependent Care FSA)
Health Savings Account (HSA)
401(k) with matching contributions
Roth
Qualified Transportation Expense with matching contributions
Short Term Disability
Long Term Disability
Life and Accidental Death & Dismemberment
Basic & Voluntary Life Insurance
Wellness Program
PTO
11 Holidays
Professional Development Reimbursement

Salary: 100-140k

Please contact talent@amyx.com with any questions!

Amyx is proud to be an Equal Opportunity Employer. All qualified candidates will be considered without regard to race, color, religion, national origin, age, disability, sexual orientation, gender identity, status as a protected veteran, or any other characteristic protected by law. Amyx is a VEVRAA federal contractor and we request priority referral of veterans.

Physical Demands

Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential.