tiag Project Manager, RMF in Fort Belvoir, Virginia
tiag is now hiring an experienced* RMF Project Manager *to support our contract with the Regional Health Command – Atlantic (RHC-A) out of Ft. Belvoir. This position requires an Active Secret Clearance.
The Project Manager provides technical expertise with regards to maintaining and improving the government-client Risk Management Framework (RFM) and provide tactical production operations support and Certification and Accreditation (C&A;) services.
Additional Position responsibilities include:
- Developing and executing, in conjunction with the RHC-A, comprehensive IT project management implementation plans for RMF site and system accreditation
- Creating and delivering implementation and meeting presentations
- Managing and resolving issues and tracking cyber security risks which arise during implementations
- manage customer expectations for scope, time, cost, quality
- performs post-implementation assessments to assist the customer with benefits realization.
- Maintain cyber security project documentation such as project plans, project timelines, requirement documents, cyber security management guides, and accreditation documentation.
- Provide guidance and input into MEDCOM and DHA RMF/Cyber Security policy and procedure development, cyber security best practices, HIPAA Compliance, regional IMGC and CCB creation and management, system integration, and overall IA accreditation.
- Collaborate with MTF IA stakeholders (both internal and external) to ensure milestones are incorporated as part of the overall implementation planning, and that all goals are achieved on time in accordance with DHA, MEDCOM, and RHC-A command objectives.
- Collaborates with TIAG internal Staff for IPR reporting, project status reports, contract deliverables, and quality assurance.
- Perform IT security assessments and develop certification and accreditation plans for RHCA and its MTF’s.
- Assist MTF's with conversion from DIACAP to RMF.
- Evaluate Regional Computer Emergency Response Team-Continental US (RCERT-CONUS) and Army Computer Emergency Response Team (ACERT) alerts and provide local assessments of vulnerability to IAM and local DOIM management.
- Provide map and gap of sites and systems from DIACAP to RMF and uploading into eMASS.
- Provide technical, administrative direction, and review for Information Assurance (IA) and Security controls as it pertains to RMF.
- Identify industry accepted standards, IT standards for validated data, access control, roles definition, authentication methods and apply to existing systems.
- Review, analyze existing systems, identify and understand business rules and technical requirements as part of strategic development, implementation, and support for IA practice.
- Contribute to research and analysis, and translate security policy and requirements to define best methods and practices.
- Provide technical guidance on implementation of security mechanisms and controls.
- Develop System Security documentation, including FIPS-199 determination, e-Authentication, privacy threshold analysis, privacy impact assessment, system security plans (SSP), IA policies, Rules of Behavior, security test and evaluation (ST&E;) plans, risk assessment plans and reports, business continuity plans, disaster recovery plans, incident response plans, contingency plan, contingency plan test report, plans of action and milestones (POA&M;) development, exception and waiver letters development, annual security control self-assessment, and continuous monitoring activities.
- Participate in systems analysis, systems development, and information technology program management
- Participate in the development of electronic commerce systems or electronic government projects, including development of agency policies and procedures.
- Work closely with project managers and senior technical leads to ensure work meets client objectives.
- Develop project briefings and reports based on customer needs.
- Present oral reports/briefings.
Required Experience and Skills:
Bachelor's or Masters degree in Information Systems
7-10 years of experience as a PM in an IT environment with a PMP
5+ plus years of experience in Cyber Security/ RMF
Security Certification IAT Level III or IAM Level II AKA CISSP, GSLC, CAP, or CISM
Department: tiag, Inc.
Location: Fort Belvoir, VA