Continuous Monitoring Specialist
Crystal City, VA
Support the Continuous Monitoring program, including but not limited to assisting the government in designing, developing, maintaining, executing and improving a comprehensive Continuous Monitoring (ConMon) program. Perform continuous assessments of all security controls for all information systems under the purview of the organization. Conduct continuous assessments in accordance with industry auditor standards (yellow book audit standards, Government Accountability Office Standards, NIST publications, etc.) to support the organization’s ability to maintain ongoing awareness of information security, vulnerabilities and threats. Weekly and monthly reports which document recommendations, analysis on deltas required in order for the organization to reach compliance, continuous monitoring methodology reports, integration of maturity and capability standards, continuous monitoring strategy and system templates, associated project plans for all activities, ad hoc evaluations of security controls on an as-needed basis, ad hoc templates and reports required to support the organization’s RMF strategy and plan, plan and action of milestones progress, reporting and support, and program performance metrics.
Education Requirement: BS with an IT or Cyber focus or equivalent combination of education and experience.
Years of Experience: 8 years of Continuous Monitoring/Governance Risk and Compliance (GRC).
Certification Requirements: Shall possess at the time of award, and retain, equivalent level IAT III certification.
Clearance Requirements: Shall possess at the time of award, and retain, a TS/SCI security clearance.
Experience Requirements: Demonstrated successful track record for delivering large/complex projects on time and within budget within DoD organizations. Demonstrated expert-level knowledge in the planning, development, coordination, implementation and execution of a continuous monitoring program within an organization of similar size, scope and complexity. Demonstrated experience with the planning, development, coordination, execution and improvement of compliance-related processes. This includes in-depth knowledge of DoD 8500 series, NIST SP 800 series, DoD regulations and instructions to include: 8570-01, DoDI 8530.01, CJCSI 6510.01, Risk Management Framework (RMF). In-depth knowledge and experience of industry and DoD auditing best practices. Demonstrated experience with performing continuous assessments of all security controls for all information systems under the purview of organizations. Demonstrated experience with communicating and coordinating at a functional and senior level. Demonstrated experience with the development of reports and products that support an organization’s ability to maintain near-real-time awareness of information security, vulnerabilities and threats. Preferred candidates will have experience with Archer, eMASS and established work history in DoD.
$100-128K per year
Top Secret/Sensitive Compartmented Information (TS/SCI)
Superlative Technologies, Inc. (SuprTEK) is a Small Disadvantaged Business providing IT Engineering and Professional Service excellence to Government and Industry customers, enabling them to better achieve their mission objectives. SuprTEK specializes in strategic business planning and management, information security and assurance, IT solution engineering and delivery, IT operations management, Health IT, Service Center operations, and Enterprise Integrated Services. Since 1996, SuprTEK has performed exceptionally on a multitude of contracts ranging in size from short-term management consulting engagements to fully managed IT outsourcing efforts.
SuprTEK technical professionals have satisfied customers such as the Defense Information Systems Agency, Office of the Secretary of Defense, Defense Logistics Agency, U.S. Navy, Air Force, Army, Combatant Commands like USTRANSCOM, Department of Justice, Environmental Protection Agency, and intelligence agencies. SuprTEK is an ISO 9001:2008, ISO 20000, and ISO 27001-registered, CMMI Level 3-appraised, quality-focused organization that embraces process best practices such as the Information Technology Infrastructure Library (ITIL). SuprTEK’s superior performance was highlighted in U.S. Congressional Record Volume 153, which recognized SuprTEK as the Outstanding Small Business and for its nomination to the President’s SAVE Award.