will be responsible for developing, maintaining, and enforcing security policies, implementing cybersecurity controls, managing Authority to Operate (ATO) documentation, and conducting continuous monitoring and risk assessments in compliance with FISMA, NIST, DOJ, and other federal mandates. What Your Day-To-Day Looks Like (Position Responsibilities): Serve as the principal cybersecurity advisor to system owners and stakeholders. Design, analyze, and test … Actions and Milestones (POA&M), Privacy Threat Assessment, Privacy Impact Assessment, and Configuration Management Plan. Responsible for ensuring the implementation and maintenance of annual security controls assessments. Assist with FISMA System audits as necessary. Leverage necessary vulnerability assessment and scanning tools including Nessus and ACSA to identify vulnerabilities, Splunk tools to monitor, detect and rectify misconfigurations. Working directly with development
project planning and best practices setups, change management procedures, system design and configuration planning practices and outage analysis and streamline incident resolution. Familiarity with Federal Information Security Management Act (FISMA) and National Institute of Standards and Technology (NIST) security standards and able to incorporate into IT solutions. Demonstrated expertise in technical communications with a strong desire to achieve customer satisfaction
CDMD-OA) Configuration Management Professional (CMPro) Navy Tool for Interoperability Risk Assessment (NTIRA) Assured Compliance Assessment Solution (ACAS) Enterprise Mission Assurance Support Service (eMASS) Federal Information Security Management Act (FISMA) database Vulnerability Remediation Asset Manager (VRAM) Xacta Information Assurance (IA) Manager and NSERC DoD Information Technology Portfolio Repository-DON (DITPR-DON) DON Application Database Management System (DADMS) Microsoft Visio, PEO
tools, and techniques. • Knowledge and/or understanding of Joint Special Access Program Implementation Guide (JSIG) • Strong familiarity with the Risk Management Framework (RMF), Federal Information Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) FIPS 199/200 and Special Publications. • Quick learner and team player. • The ability to adapt in fast paced environments, comfort with … related to system design/configuration and performing security impact analysis. • The ability to work independently. • Strong familiarity with the Risk Management Framework (RMF), Federal Information Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) FIPS 199/200 and Special Publications. • Experience with the Federal Risk and Authorization Management Program (FedRAMP). Marathon TS is committed
understanding of OMB information security directives and policy compliance. Security+, CISSP, CISA, or equivalent certifications (DoD 8570 IAM Level 2 equivalent). At least 5 years of experience with FISMA, NIST, and OMB federal information system requirements. Advanced written and verbal communication skills to effectively communicate security concepts and policies. Desired: Experience shaping policies and programs for Federal or DoD
effective and aligned with industry best practices and regulatory requirements. Regulatory Compliance: Ensure that the organization's information systems comply with all applicable security regulations and standards, including NIST, FISMA, and the Joint Special Access Program Implementation Guide (JSIG). Conduct regular audits and assessments to verify compliance and address any identified gaps. Security Controls Implementation: Lead the implementation and
risks and report findings to the Government. • Work with system owners to maintain current Authorities to Operate (ATO) in a manner compliant with the Federal Information Security Management Act (FISMA), DoD Risk Management Framework (RMF), and National Institute of Standards and Technology (NIST) guidance. • Support cybersecurity requirements during Army and Joint exercises. • Represent the customer and CG in briefings and
design of a strong security operations program and an effective business continuity plan. Evaluates programs against Privacy Act, HIPAA/HITECH, Federal and commercial regulations and guidance (e.g., NIST, FISMA, OMB). May monitor, evaluate, and maintain systems and procedures to protect data systems and databases from unauthorized users. Determines causes of security breaches and researches, recommends, and implements changes
working with demanding cyber-aware customers, listening to and understanding requirements, developing solutions to meet their needs, presenting solutions, and accommodating feedback. 10+ years experience with NIST, RMF and FISMA frameworks, 7 of those in a corporate environment. Possess a DoD 8570 IAT III or IAM II level certification or equivalent industry certifications: CISSP, CASP+ CE, CCNP Security, CISA, GCED
8. A self-starter who can remain motivated when working individually. 9. 2-5 years of consulting experience. 10. Familiarity with GRC (governance, risk & compliance) experience a plus - NIST, FISMA, HIPAA, etc.
Modernize and integrate legacy DoD systems with new platforms and emerging technologies, maintaining operational integrity and enhancing mission readiness. • Cybersecurity Compliance: Ensure solutions adhere to DoD cybersecurity policies, including FISMA, DISA STIGs, and RMF guidelines for Information Assurance (IA). • AI Strategy Development: Design and implement AI-driven solutions that align with DoD AI strategies and emerging federal guidelines. • Innovation … protocols. Systems architecture, design, and integration. • At least 7 years of experience working within DoD environments to include experience with: DoD Enterprise Architecture and legacy systems. DoD cybersecurity policies (FISMA, NIST 800-53, DISA STIGs, RMF). AI technologies and DoD AI policy implementation. Modernizing legacy DoD systems and integrating with cloud-based and AI-driven technologies. DoD mission systems
Assist in developing and refining incident response procedures and SOC playbooks. • Support vulnerability assessments and remediation tracking. • Maintain compliance with government standards and security policies (e.g., NIST 800-53, FISMA, DFARS/CMMC). • Participate in security audits, reporting, and continuous monitoring activities. Minimum Qualifications: • Active Top-Secret clearance (required) • Associate's or Bachelor's degree in Cybersecurity, IT, or
to work effectively independently as well as within a team environment. Must develop and manage Information Security policies, procedures, and methodologies in accordance with Federal Information Security Management Act (FISMA), DoD Regulations, NIST Special Publications, other Federal laws and regulations, and direction from leadership. Required Qualifications: Top Secret Clearance (verifiable in DISS) BA/BS college degree DOD 8570/
Briefs Information System Owner (ISO) on RMF process, cybersecurity requirements and outstanding tasks. • Ensure adherence to cybersecurity policies, procedures and processes. This includes supporting Federal Information Security Management Act (FISMA) requirements and ensuring all necessary documentation and artifacts are updated and stored correctly for ATO purposes. • Assist in developing and updating System Security Plan (SSP) for assigned Systems • Assist in
IAT Level II required); CISSP, CISM, or CISA preferred. Experience: 3-7 years of experience in cybersecurity, risk management, or IT security. Technical Skills: Knowledge of NIST RMF, FISMA, STIGs, and ATO processes. Experience with SIEM tools, vulnerability scanners (e.g., Nessus, ACAS), and endpoint security solutions. Familiarity with Linux, Windows, and cloud security (AWS, Azure). Education: Bachelor's degree
Switches, IDS, WAF, VPN technologies, etc. • Ability to obtain and maintain a FAA public trust clearance Preferred Additional Skills: • Experience in application and compliance of customer tailored NIST and FISMA controls and policies. • Experience collecting system logs and event data and performing engineering analysis to determine system security function, performance and compliance. • Experience developing, configuring and maintaining Linux and Windows
Security Analyst III Responsibilities: Demonstrated experience with DoD 8500.2 Information Assurance Controls (IAC) and common vulnerabilities and exposures, DISA STIGs, DoD IVAM tracking and reporting procedures, and familiarity with FISMA, RMF (Including NIST 800 series including, 800-37 Rev 2, 800-53 Rev 5), and other information security-related federal guidelines. Strong technical experience with networking, Windows, and Linux. Solid
Security+, CISSP, CISM, CISA or equivalent) are required Proven experience with security frameworks and standards such as NIST SP 800-53, NIST SP 800-37, NIST Cybersecurity Framework (CSF), FISMA, etc. Proven expertise in cybersecurity architecture, CDM and ZTA Hands-on experience with technology-related administration (Installation, Configuration, Monitoring, Integration, Managing Access Controls, Automation, and Troubleshooting) of the Continuous Diagnostics
Security Officer) and AO (Authorizing Official) for security authorization decisions (e.g., whether the system should be authorized to operate). Ensure compliance with relevant risk management frameworks (e.g., RMF, FISMA, NIST SP 800-53). Review and assess changes (e.g., system modifications, patches, or environment changes) that might affect security controls or system authorization. Evaluate the potential security risks introduced
with all components that comprise IT systems including network topology. Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes. Understanding of federal cybersecurity guidance such as FISMA NIST SP 800-37 - Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach and NIST 800-137 - Information Security Continuous Monitoring (ISCM) for
demonstrate the following skills: - Demonstrated experience with DoD 8500.2 Information Assurance Controls (IAC) and common vulnerabilities and exposures, DISA STIGs, DoD IVAM tracking and reporting procedures, and familiarity with FISMA, RMF (Including NIST 800 series including, 800-37 Rev 2, 800-53 Rev 5), and other information security-related federal guidelines. - Strong technical experience with networking, Windows, and Linux. - Experience
CI/CD) tools, and leveraging automation platforms such as Ansible or Azure Functions Understanding of Federal Government application, server, and network security requirements such as NIST, FedRAMP, and FISMA Ability to work effectively within a distributed technical team, aided by strong written and verbal communication skills Familiarity with the Atlassian suite, including Jira and Confluence Current IAT Level II
Mc Lean, Virginia, United States Hybrid / WFH Options
ANISTAR Technologies
measures to prevent recurrence. Develop and maintain cybersecurity policies, standards, and procedures based on industry best practices and regulatory requirements. Ensure compliance with applicable security frameworks such as NIST, FISMA, and FedRAMP. Qualifications Bachelor's degree in computer science, Information Security Relevant industry certifications such as CompTIA Security+, CISSP, CEH, or GIAC. 3-5 years of experience in cybersecurity roles
Chantilly, Virginia, United States Hybrid / WFH Options
Gridiron IT Solutions
and storage utilization. Collaborate with cybersecurity analysts, engineers, and program stakeholders to drive continuous improvement of monitoring capabilities. Ensure Splunk implementation aligns with federal cybersecurity standards (e.g., NIST, RMF, FISMA). Document configurations, workflows, and standard operating procedures. Required Qualifications Active TS/SCI CI Polygraph required 7+ years of experience with Splunk engineering in a federal or DoD environment.