- CareFirst (Washington, DC)
- …in Nonfederal Systems and Organizations + HITRUST, FedRAMP + NIST CSF, NIST RMF, FedRAMP, HITRUST, CIS benchmarks, CIS Top 20, CSA's Cloud Controls Matrix (CCM), ... COBIT, CMMC, ISO 27001, FAIR + Various privacy frameworks: GDPR, CCPA, others + Knowledge of developing SSPs (system security plans) based on NIST 800-171, 800-53, and FedRAMP. + Experience with a wide variety of security tools such as IPS/IDS systems,…
- Strategic Systems Programs Office (Washington Navy Yard, DC)
- …this competency include: review user account requests; review and ensure RMF packages are correct and contain appropriate mitigation statements; performing ... compliance monitoring and reporting. 2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency,…
- St. George Tanaq Corporation (Washington, DC)
- …agency IT operations preferred. + Knowledge of security frameworks such as NIST RMF, FISMA, or CMMC preferred. + Experience managing IT support during high-demand ... transition periods preferred. **Education and Training** + Bachelor's degree in Computer Science, Information Technology, or related field required (Master's preferred). + PMP or equivalent project management certification (CAPM, Agile/Scrum) preferred.…
- RightDirection Technology Solutions LLC (Washington, DC)
- …infrastructure-as-code, and automated security testing. + Deep familiarity with NIST RMF, FISMA, and Zero Trust architecture. Preferred Qualifications: + Experience ... supporting Department of State, DHS, or other federal civilian cybersecurity programs. + Familiarity with ServiceNow, CyberArk, ArchAngel, and iApp platforms. + Strong background in cloud threat modeling, SOC integration, and secure workload design. +…
- World Wide Technology (Washington, DC)
- …and cloud security. + Familiarity with federal compliance frameworks: NIST 800-53, DoD RMF, DISA STIGs, FedRAMP, and Zero Trust maturity models. + Broad experience ... across enterprise compute, storage, virtualization, and networking solutions. + Certifications (preferred): + Cybersecurity: CISSP, CISM, CISA, CEH, CompTIA Security+, CySA+, CASP+ Vendor/Technical: Cisco CCNP Security, Palo Alto PCNSE, Fortinet NSE 7/8,…
- Amentum (Washington, DC)
- …Familiarity with DoD, Army, and federal IT compliance standards, including FISMA, NIST, RMF, and STIGs **Work Environment:** + This position is performed in a ... traditional office environment. **Physical Demands:** + While performing the duties of this job, the employee is occasionally required to stand; walk; sit; use hands and fingers to handle, or feel objects, tools or controls; use fingers and hands to type or…
- Leidos (Washington, DC)
- …Similar Certification + Extensive experience with the Risk Management Framework (RMF) + Extensive experience with ICD-503 + Extensive experience developing security ... accreditation packages and achieving Authorities to Operate (ATOs) + Experience supporting security accreditation activities within the Intelligence Community Come break things (in a good way). Then build them smarter. We're the tech company everyone calls…
- Guidehouse (Washington, DC)
- …security evaluations using industry-standard frameworks (NIST Cybersecurity Framework, NIST RMF, ISO 27001, CIS Controls) + Conduct cybersecurity vulnerability ... assessments and security architecture reviews, and contribute to building penetration testing considerations and threat models + Analyze complex technical environments to identify security gaps, threats, and vulnerabilities + Develop detailed technical…
- Tyto Athene (Washington, DC)
- …requirements for information systems meet FISMA requirements. **Responsibilities:** + Support RMF steps 4 -assess, 5 -authorize, step 6 -monitor controls: conducting ... system security assessments, supporting the system security authorization to operate process, and conducting annual assessments, respectively + Produce quality security assessment deliverables, ensuring the content of each deliverable is specific to the…
- Coinbase (Washington, DC)
- …risk standards and frameworks, such as the NIST Cybersecurity Framework, NIST RMF, COBIT, ISO 27005, DORA, FAIR risk quantification methodology, etc. * Expertise ... in all phases of the risk management lifecycle and execution of these phases within a technology or security risk management program * Self-motivated and demonstrate a sense of urgency in high-intensity environments * Shift nimbly between strategy and…