Millennium Corporation

RMF Engineer

Job Locations US-SC-Charleston
Posted Date 5 days ago(5/20/2022 3:34 PM)
Job ID
2022-2205

Overview

For nearly two decades, Millennium Corporation has been operating on the leading edge of cybersecurity. Our elite team of more than 400 experts has an unparalleled record of performance supporting Red Team Operations, Defensive Cyber Operations, Software Engineering, and Technical Engineering. With the largest contingent of contracted Red Team operators in the DoD, we provide an unmatched level of threat intelligence and battle-tested experience for customers in both the DoD and federal civilian markets.

What We Believe

We believe that diversity is a fact, inclusion is a choice.  At Millennium Corporation, we are inclusive. We celebrate multiple approaches and different points of view. We strongly believe that diversity drives innovation, and we are building a culture where differences are valued. We are always growing our programs and we offer tools to help our employees grow and manage their careers.

 

Millennium is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. Millennium promotes affirmative action for women, minorities, disabled persons, LGBTQ+ and veterans.

Responsibilities

Millennium Corporation is hiring an RMF Engineer in Charleston, SC. Candidate must have an active Secret Clearance. 

 

The RMF Engineer: 

  • Must have knowledge, skills and experience to assess the effectiveness of cybersecurity controls IAW NIST SP 800-53A, and effectively document weakness.
  • Must have enterprise SAP ERP system cybersecurity experience.
  • Must possess the skills, knowledge and experience necessary to perform DISA STIG implementation assessments on IT platforms and applications.
  • Must have the skills, knowledge and experience required to research vulnerabilities, originating from various sources, for impacts, perform risk assessments of vulnerabilities and develop effective written mitigations to reduce felt risk if possible.
  • Must have skills, knowledge and experience to execute processes and develop artifacts required to obtain DoD and Navy IATTs, ATOs and Use Case approvals.
  • The candidate will have experience with using the automated RMF Assessment and Authorizations (A&A) tools, such as eMASS, to complete and document DoD compliant RMF A&A activities.
  • The candidate will possess knowledge, skills and experience required to successfully complete DoD compliant RMF continuous monitoring activities, to include annual control assessments, POA&M monitoring and updates, creation and/or updating of security documentation, and development of mitigations for non-fully compliant controls.
  • In addition, the candidate will have skills, knowledge and experience to successfully complete NIST SP 800-30, rev 1, compliant risk assessments.
  • The candidate will have knowledge of and experience with configuring, executing scans, and interpreting the results of vulnerability scanning tools such as NESSUS.
  • Responsible for meeting Program Increment (~12week) deadlines to implement and enhance team capabilities
  • Execute all efforts in a collaborative and Scaled Agile fashion while adhering to government mandated fixed due dates
  • Work with Agile teams (developers, testers, operators and other production IT staff to oversee releases and deployments of capability.
  • Work with Agile teams (developers, testers, operators and other production IT staff to oversee releases and deployments.
  • Foster relationship with platform product teams and their customers, establish and refine Continuous Integration (CI) and automation (key processes, release schedules, and infrastructure designs) so that organization can create and release regular updates to DevSecOps capabilities quickly and efficiently as possible.
  • Attend and Participate in Periodic Large Scale Agile Planning events.
  • Support standard Agile ritual meetings (Sprint Planning, Daily Stand-ups, Backlog Grooming, Sprint Reviews and Retrospectives) as necessary and assist Scrum teams in execution of Sprints.

Qualifications

  • Candidate must have an active Secret Clearance 
  • Bachelor's  degree in Engineering, Physics, Network Security, Computer Science, Information Systems preferred
  • 4 - 6 years of experience, 2 - 3 of them with RMF 
  • DoD 8570 IAT Level II (A+ CE, CCNA-Security, CND, Network+CE, SSCP) 

  • Experience with Redshift; Glue; Nifi; and Oracle highly desired.

  • Experience with a range of AWS products (e.g. IAM, VPC, EC2, RDS, EBS, Transit Gateway, etc..)

  • Possess the knowledge and skills required to perform the complete DoD RMF Assessment and Authorization (A&A) process
  • Have in-depth knowledge of and will have successfully implemented NIST, DoD, and Navy Cybersecurity policies, guidance, and standards.
  • Must possess the skills, knowledge, and experience necessary to perform DISA STIG implementation assessments on IT platforms and applications.

Business Development

Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.

Physical Requirements

  • Must be comfortable with prolonged periods of sitting at a desk and working on a computer.
  • Must be able to lift up to 10-15 pounds at a time.

Travel Requirements

None

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed