Job Description
Compliance & NIST RMF
-Execute all six steps of the NIST Risk Management Framework to achieve and maintain Authority to Operate (ATO) for enterprise systems.
-Develop, maintain, and update Body of Evidence (BoE) artifacts including, authorization boundary diagrams, hardware/software lists, System Security Plans (SSPs) and Security Assessment Reports (SARs) within eMASS
-Ensure all defined system controls strictly map to compliance baselines (e.g., NIST SP 800-53).

Vulnerability Management & STIG Implementation
-Ensure servers, endpoints, and network appliances are hardened by applying Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs)
-Perform routine and ad-hoc vulnerability assessments using tools like ACAS/Nessus
Review scan reports to identify zero-days, configuration drifts, and outdated patches, providing mitigation recommendations

POA&M Management
-Create, track, and manage Plans of...