Job Title: DIU Compliance Analyst
Location: Pentagon, VA with the ability to travel to Mountain View, CA on a recurring basis
Position Type: Full-Time
Clearance Required: TS/SSBI Investigation
This candidate will be responsible for providing ongoing life cycle Assessment & Authorization (A&A) and Risk Management Framework support to the Defense Innovation Unit (DIU). This includes eMASS entry, creation or updating of required artifacts, and coordinating validation efforts to support an Authorizing Official (AO) decision. The candidate will also assist with multiple duties within the Plans, Programs, and Readiness (PPR) domain. This includes, but is not limited to, sustainment/onboarding activities, policy development, program/project management, and Configuration Control within the DIU and DIU’s CSSP.
· 15+ years in Certification & Accreditation (C&A) and/or a CyberSecurity Service Provider (CSSP) environment, policy development, and Information System Security Manager (ISSM) or Information Manager.
· Bachelor’s degree or higher from an accredited university/college in Computer Science, Information Technology, Information Security, Cybersecurity, or related field
· 8570 Classification CND Auditor or IAT-II
· Experience with the Risk Management Framework (RMF) process from both a packet preparation and assessor perspective.
· Experience with eMASS, DITPR, and PPSM for population, tracking, and Plan of Action & Milestones (POA&M) staffing.
· Knowledge of CSSP sustainment/onboarding requirements and processes.
· Experience performing Information System Security Audits, Information System Security Assessments, developing Risk Management Plans, and assessing security architectures
· Experience with STIGs and justifying the technical need for applying each setting
· Experience performing periodic auditing and continuous monitoring tasks to maintain security compliance
· Experience with sponsorship for FedRAMP and DISA IL designation
Highly Desired Skills:
· Experience with ServiceNow and Google G Suite Enterprise
· Experience collaborating and coordinating with other cyber elements to include the CSSP community
· Experience in preparing and conducting presentations
Position Requirements and Duties:
· Responsible for creating and maintaining the eMASS, PPSM, and DITPR entries for DIU
· Create and update all required artifacts within eMASS
· Coordinate and schedule all aspects of the SCA-V assessment for DIU Enterprise
· Prepare weekly reports of accreditation and technical implementation of the circuit until it is accredited
· Maintain knowledge of C&A and Cyber policy changes throughout the DoD
· Collaborate with all CSSP personnel to ensure the circuit is properly deployed and technically operating within an acceptable level of risk
· Prepare and support a brief of the accreditation package to the AO to support an accreditation decision
· Support all aspects of the CSSP sustainment and onboarding activities
· Help coordinate and run the DIU CCB
· Participate in program reviews, process improvement, and onsite certification evaluations
· Authorized as the primary POC for all eMASS, PPSM, DITPR entries
· Authorized to review all internal DIU and CSSP vulnerability information
· Authorized to work with all teams and request any information needed to support the accreditation effort
· Experience with SNAP and E2P is a plus