Navy Combat Systems RMF analyst

Location: Washington, DC
Date Posted: 12-04-2018
All qualified resumes will receive feedback within 24 hours
Must have An Active Secret Clearance

Develop and complete the Cyber security packages for the following AEGIS Baselines - Baselines 5.x, 6.1, 6.3, 7.2A, 7.2B, 8.x, 9.x and 10, including the SGS/AC, CMT - in accordance with the 6 Step Risk Management Framework.  
AEGIS, produced by Program Executive Office Integrated Warfare Systems at the Washington Navy Yard, is the Navy’s primary surface combatant Weapon System.   It is fielded on approximately 100 cruisers and destroyers.  The system, which is focused mainly on Integrated Air and Missile defense, has been and will be upgraded on these ships on a continuous basis and is being installed on new destroyers.   It is composed of several elements including the most advanced Naval Integrated Air and Missile Defense Radar in the world, Command and Control computers, an automatic test system, a display system and missile launchers.   It interfaces with all combat system elements on the ship such as guns, radars, computers, passive/active electronic warfare systems, navigation equipment, IFF, helicopters, fighters, sonar, torpeodo launchers, underwater fire control systems, the Thomahawk missile system and other command and control systems.   All elements operate collectively to defend the ship and to conduct offensive strikes.   Elements are connected via point to point copper cables on the older baselines, which still incorporate the antiquated Naval Tactical Data System.  The newer baselines operate within a network based computing environment and use Ethernet and/or fiber connectivity via the AEGIS LAN Interface System (ALIS) and other systems.   The system exchanges information with various command and control systems fielded under the Program Executive Office Command Control Communications Computers and Intelligence (PEO C4I) such the Global Command and Control System and communication system LANs.  Legacy baselines were once basically isolated from the outside world.  As the AEGIS network centric environment evolved, and connectivity with DoD command and control systems via the Global information Grid became an inherent feature of the system, the Navy imposed CyberSecurity requirements.  These requirements, up until the most recent baseline, were not built into the initial design, and are being implemented now.   Initially, they were imposed under DIACAP and have recently transitioned to the Risk Management Framework, which leverages the security advantages of weapon systems vs. IT business systems and recognizes the need to minimize data transfer latency in order to defeat supersonic missile threats.
The job includes identifying, documenting, and analyzing all the controls including the Assessment procedures for each control for each baseline.  Develop, update, and complete the various artifacts for each applicable package as required for each of the 6 Steps of the RMF process.   Perform Scanning, STIGS and Reporting for each RMF
package per US Navy Testing Guidance, as needed.  Perform Validation of Controls and Assessment procedures in accordance with Navy Security Control Assessment (SCA) Guidelines for RMF Packages as needed.
this job portal is powered by CATS