1 to 25 of 140 Permanent FISMA Jobs

Skills and Abilities Ability to set the tone for the organization and motivate management and the team. Understanding of information security regulations, including the Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), ISO 27001, COBIT NIST, and ITIL. Maintaining security for assessment, evaluation, and incident forensic work. Ability to prioritize projects Comfortable working in a More ❯

project planning and best practices setups, change management procedures, system design and configuration planning practices and outage analysis and streamline incident resolution. Familiarity with Federal Information Security Management Act (FISMA) and National Institute of Standards and Technology (NIST) security standards and able to incorporate into IT solutions. Demonstrated expertise in technical communications with a strong desire to achieve customer satisfaction More ❯

CDMD-OA) Configuration Management Professional (CMPro) Navy Tool for Interoperability Risk Assessment (NTIRA) Assured Compliance Assessment Solution (ACAS) Enterprise Mission Assurance Support Service (eMASS) Federal Information Security Management Act (FISMA) database Vulnerability Remediation Asset Manager (VRAM) Xacta Information Assurance (IA) Manager and NSERC DoD Information Technology Portfolio Repository-DON (DITPR-DON) DON Application Database Management System (DADMS) Microsoft Visio, PEO More ❯

MD. Candidates must reside within a commutable distance. Participation in a rotational on-call schedule for emergency page-outs is required. Strong knowledge of cybersecurity frameworks (e.g., NIST, RMF, FISMA) and best practices. Experience leading cybersecurity teams and managing large-scale security initiatives. Hands-on experience with security tools such as SIEM, IDS/IPS, vulnerability scanners, and endpoint security More ❯

MD. Candidates must reside within a commutable distance. Participation in a rotational on-call schedule for emergency page-outs is required. Strong knowledge of cybersecurity frameworks (e.g., NIST, RMF, FISMA) and best practices. Experience leading cybersecurity teams and managing large-scale security initiatives. Hands-on experience with security tools such as SIEM, IDS/IPS, vulnerability scanners, and endpoint security More ❯

workbooks, recommend changes/clarification and submit updated workbooks to HQ AFRL for registration of Point-to-Point, Standalone, Standalone Enclave systems having a Federal Information Security Management Act (FISMA) requirement. Coordinate any changes or modifications to hardware, software, or firmware of a system directly with the Authorizing Official (AO)/Delegated Authorizing Official (DAO) prior to the change. Conduct More ❯

design of a strong security operations program and an effective business continuity plan. Evaluates programs against Privacy Act, HIPAA/HITECH, Federal and commercial regulations and guidance (e.g., NIST, FISMA, OMB). May monitor, evaluate, and maintain systems and procedures to protect data systems and databases from unauthorized users. Determines causes of security breaches and researches, recommends, and implements changes More ❯

procurement concepts (including the Federal Acquisition Regulations (FAR , Chief Financial Officer (CFO) Act, Government Performance and Results Act (GPRA), Government Management Reform Act (GMRA), Federal Information Security Management Act (FISMA), Treasury Financial Manual (TFM), and relevant Office of Management and Budget (OMB) circulars and bulletins on financial accounting and internal and system controls. Minimum ten years' experience Knowledge and expertise More ❯

procurement concepts (including the Federal Acquisition Regulations (FAR , Chief Financial Officer (CFO) Act, Government Performance and Results Act (GPRA), Government Management Reform Act (GMRA), Federal Information Security Management Act (FISMA), Treasury Financial Manual (TFM), and relevant Office of Management and Budget (OMB) circulars and bulletins on financial accounting and internal and system controls in support of DHS or another Federal More ❯

the client/contract). Preferred Skills • Experience with containerization technologies (Docker, Kubernetes). • Familiarity with infrastructure as code (Terraform, CloudFormation). • Knowledge of compliance frameworks such as NIST, FISMA, and FedRAMP. • Strong scripting skills (Python, Bash, PowerShell). • Microsoft Azure certifications are a significant plus, especially those related to security, architecture, or DevOps. Soft Skills • Excellent problem-solving skills More ❯

8. A self-starter who can remain motivated when working individually. 9. 2-5 years of consulting experience. 10. Familiarity with GRC (governance, risk & compliance) experience a plus - NIST, FISMA, HIPPA, etc. More ❯

Switches, IDS, WAF, VPN technologies, etc. • Ability to obtain and maintain a FAA public trust clearance Preferred Additional Skills: • Experience in application and compliance of customer tailored NIST and FISMA controls and policies. • Experience collecting system logs and event data and performing engineering analysis to determine system security function, performance and compliance. • Experience developing, configuring and maintaining Linux and Windows More ❯

Switches, IDS, WAF, VPN technologies, etc. • Ability to obtain and maintain a FAA public trust clearance Preferred Additional Skills: • Experience in application and compliance of customer tailored NIST and FISMA controls and policies. • Experience collecting system logs and event data and performing engineering analysis to determine system security function, performance and compliance. • Experience developing, configuring and maintaining Linux and Windows More ❯

detail Be comfortable supporting multiple priorities in a fast-paced, Agile environment Hold an active Secret Clearance Preferred Skills: Familiarity with federal security compliance frameworks (e.g., NIST 800-53, FISMA) Exposure to GRC platforms, scripting, or ticketing systems Interest in certifications such as Security+, CISSP, or Certified Ethical Hacker (CEH) Education: Bachelor's Degree Salary More ❯

Strong background in cybersecurity strategy, risk management, and compliance Experience with security assessment tools and practices (e.g., Nessus, Splunk, SCAP, STIGs) Knowledge of federal cybersecurity policies and standards (e.g., FISMA, FedRAMP, NIST SP 800-53) Excellent analytical, communication, and stakeholder engagement skills Experience supporting cybersecurity for intelligence or defense systems Familiarity with cloud security, Zero Trust architecture, and endpoint protection More ❯

measures to prevent recurrence. Develop and maintain cybersecurity policies, standards, and procedures based on industry best practices and regulatory requirements. Ensure compliance with applicable security frameworks such as NIST, FISMA, and FedRAMP. Qualifications Bachelor's degree in computer science, Information Security Relevant industry certifications such as CompTIA Security+, CISSP, CEH, or GIAC. 3-5 years of experience in cybersecurity roles More ❯

Assist in developing and refining incident response procedures and SOC playbooks. • Support vulnerability assessments and remediation tracking. • Maintain compliance with government standards and security policies (e.g., NIST 800-53, FISMA, DFARS/CMMC). • Participate in security audits, reporting, and continuous monitoring activities. Minimum Qualifications: • Active Top-Secret clearance (required) • Associate's or Bachelor's degree in Cybersecurity, IT, or More ❯

and email security protocols (DKIM, SPF, DMARC). Experience with SIEM/SOAR platforms, threat detection, and security logging. Strong understanding of federal security frameworks: NIST 800-53, FedRAMP, FISMA, DISA STIGs, and ATO processes. Experience in on-prem and hybrid cloud environments. Scripting skills in Python, Bash, or Go. Excellent communication skills, with the ability to explain technical concepts More ❯

System Security Plan Privacy Impact Assessment e-Authentication Implementation Plan System Level Continuous Monitoring Plan Ports, Protocols and Services Registration Plan of Action and Milestones (POA&M) Conduct annual FISMA assessments Perform Continuous Monitoring of Authorized Systems Generate and update test plans; conduct testing of the system components using the Assured Compliance Assessment Solution (ACAS) tool, implement Security Technical Implementation More ❯

System Security Plan Privacy Impact Assessment e-Authentication Implementation Plan System Level Continuous Monitoring Plan Ports, Protocols and Services Registration Plan of Action and Milestones (POA&M) Conduct annual FISMA assessments Perform Continuous Monitoring of Authorized Systems Generate and update test plans; conduct testing of the system components using the Assured Compliance Assessment Solution (ACAS) tool, implement Security Technical Implementation More ❯

and milestones (POA&M) and Assessment and Authorization (A&A) workflow tools data, patch management, information assurance vulnerability alerts (IAVA), DoD 8570.01M certifications, and Federal Information System Modernization Act (FISMA) compliance requirements, and Authorizations to Operate (ATOs) to unit leadership and HHQs as directed. Interact with local units and HHQ IISMs to provide Cybersecurity assessments, courses of action, and solutions More ❯

contingency and continuity of operations plans. • Enforce and manage firewall policies, ports, and protocols to protect mission-critical systems. • Ensure compliance with DoD, DON, and federal cybersecurity directives, including FISMA, DoDI 8500.01, DoDI 8530, SECNAV 5239, OPNAV 5239, and related guidance. • Safeguard sensitive naval information in accordance with OPNAVINST N9210.3 and other classified data protection requirements. Qualifications: • Active Secret clearance More ❯

system administration experience. Experience with ESS/HBSS, Splunk, ConfigOS, and other DoD-relevant cyber tools. Familiarity with Software Assurance (SwA) tools and techniques (e.g., Fortify). Knowledge of FISMA, NIST 800-53, and DoD cybersecurity policies. Experience supporting cybersecurity test events, red/blue team exercises, or penetration testing. Background in DoD systems architecture, defense communications, or mission operations More ❯

clearance with Polygraph. • 5+ years of experience in security compliance, industrial security, or cleared facility operations. • In-depth knowledge of federal compliance standards such as NISPOM, ICD 705, CMMC, FISMA, and insider threat policy. • Experience supporting classified data centers or secure IT infrastructure environments. • Proven ability to develop policy, perform risk assessments, and lead internal audit processes. • Strong interpersonal skills More ❯

cloud-based environments. Guide and mentor technical teams on secure cloud architecture, policy implementation, and threat mitigation strategies. Provide direct support for compliance with NIST Risk Management Framework (RMF), FISMA, and relevant cybersecurity directives. Manage and oversee vulnerability assessments, system audits, and incident response planning. Support the integration of security controls including STIGs, SCAP, IAVA compliance, and policy documentation. Collaborate More ❯