• Help

    Duties

    Summary

    • Who may apply: Current Permanent DFAS Agency Employees; PPP DoD Military Spouse Preference Eligible applicants.
    • Position is located in Info & Tech Directorate, Enterprise Services, Security Security, ZTAGB.
    • This job announcement may be used to fill similar positions on other teams in the I&T Directorate.

    Learn more about this agency

    Responsibilities

    • This position serves as a Risk Management Framework Assessor for Defense Finance and Accounting Service.
    • Apply knowledge of security regulations, policy, instructions, frameworks, and best-practice, with a focus working with NIST Cybersecurity Framework, DoD Risk Management Framework, FISMA and related DoD cyber security policy and directives.
    • Identify requirements implementing and testing security technical standards for assigned technologies or information systems such as web applications, databases, operating systems, network devices.
    • Conduct assessments to analyze vulnerabilities and threats to determine overall risk to the confidentiality, integrity, and availability of DFAS information systems.
    • Analyze and interpret results of vulnerability and security scanning tools to determine impact to security posture.
    • Analyze results, provide narrative and statistical reports, and prepare final assessment report to advise management on risk posture.
    • Provide guidance and support to less-senior RMF assessors to support the growth and development of the DFAS RMF Assessment Team.
    • Conduct independent security control assessments to confirm or establish, by testing, evaluating, and analyzing evidence, that privacy and security controls are implemented correctly and effectively.

    Travel Required

    Occasional travel - Occasional

    Supervisory status

    No

    Promotion Potential

    13

This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/587981700. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.