- Ankura (VA)
- …including Plans of Action and Milestones (POAM) and System Security Plans ( SSP ) . Building industry-recognized subject matter expertise in the national security and ... DIB cybersecurity domains, including keeping apace with developments in cyber frameworks and compliance, and producing timely, polished thought leadership. Professional and conceptual agility to design and execute compliance risk mitigation and information… more
- PSI Services (Richmond, VA)
- …a Federal Program is essential and contributing to core document set eg SSP , ConMon reporting, POAMs, System Narrative, SCP, SIA + Experience implementing or ... maintaining FedRAMP Moderate Authorization is desirable. + Experience documenting security controls in Architecture diagrams is essential + Extensive training and experience in IT disciplines such as application and data security, systems programming, systems… more
- Assertive Professionals (Chantilly, VA)
- …associated with those specific networks. Develop and maintain System Security Plans ( SSP ) to meet ongoing security requirements. Ensure approved SSPs are kept up ... to date as changes are made to the networks. Implement security requirements and ensure compliance with the client's Information System Security Manager (ISSM) approved SSPs for all networks. This includes: establishing or utilizing existing access control… more
- EMCOR Group (Mclean, VA)
- …security documentation includes but is not limited to: System Security Plan ( SSP ), Plan of Action & Milestones (POA&M), Configuration Management Plan, Incident ... Response Plan, Business Continuity and IT Disaster Recovery Plan, Risk Mitigation Plan, and general policy and procedures, as needed + Guide Operating Companies in creating documentation as specified above that satisfies the CMMC compliance framework… more
- Saliense Consulting (Mclean, VA)
- …independent assessments of security controls as documented in the System Security Plan ( SSP ) + Leading and conducting risk assessments based on findings of security ... controls assessments + Developing Security Assessment Report (SAR), documenting Plans of Action and Milestones (POA&Ms), and developing Executive Summaries (ES) Qualifications: + 4 year degree (Bachelors Degree) from an accredited College or University in… more
- Capital One (Mclean, VA)
- …equivalent certification + At least 5 years of experience with IBM Sterling Secure Proxy ( SSP ) and IBM Sterling File Gateway (SFG) + At least 4 years of experience ... with AWS Preferred Qualifications: + 7 + years of experience with AWS + 2+ years of experience in Agile practices + 3+ years of experience in programming or scripting using Python + 3+ years of experience with Container orchestration services including Docker… more
- Amazon (Herndon, VA)
- …experience with the Risk Management Framework (RMF), System Security Plans ( SSP ), Security Control Traceability Matrices (SCTM), familiarity with the customer ... environment, and an understanding of existing AWS services. You will draw upon an information security background, critical thinking, and analytic problem solving skills to support A&A activities, recommend improvements as required, and effectively support the… more
- Leidos (Hampton, VA)
- …controls + Demonstrated experience reviewing and authoring System Security Plans ( SSP ) + Demonstrated experience writing and reviewing risk assessment and mitigation ... reports **Original Posting:** June 26, 2025 For US Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days… more
- Nightwing (Sterling, VA)
- …Assessment and Authorization (A&A) process and development of Systems Security Plan ( SSP ) + Develops and documents security evaluation test plans and procedures + ... Develops SCA artifacts, including the Security Assessment Plan (SAP), Security Assessment Reports (SAR), and Remediation Actions + Experience with developing Plans of Action and Milestones (POA&Ms), including providing risk mitigation strategies, steps, and… more
- UIC Government Services and the Bowhead Family of Companies (Arlington, VA)
- …guidelines, policies, and procedures. * Create and review System Security Plans ( SSP ), as required * Prepare for Assess and Authorize (A&A) and Security ... Control Assessor (SCA) validations and/or inspections and ensure that CS inspections, tests, and reviews are coordinated. **Qualifications** + Bachelor's degree in computer science, IT, information systems, or related field. + Certified in one of the… more