Cybersecurity Assessment Lead

Tharros is seeking a Cybersecurity Assessment Lead for an upcoming program supporting a US Navy customer located at NAS North Island. The Cybersecurity Assessment Lead serves as the senior assessor overseeing cybersecurity assessment activities supporting Risk Management Framework (RMF) authorization processes for customer networks and training systems.ResponsibilitiesLead cybersecurity assessment teams supporting RMF authorization activities across all performance locations.Perform or oversee independent security control assessments for DoD information systems.Validate implementation of required NIST 800-53 security controls.Support Security Control Assessors (SCA) in evaluating residual cybersecurity risk.Provide technical leadership and quality oversight for cybersecurity assessors supporting RMF validation efforts.RMF Assessment SupportLead RMF assessment activities in accordance with DoD and Department of the Navy cybersecurity requirements. Conduct or oversee independent verification and validation of implemented security controls, including initial authorization assessments and periodic reassessments. Analyze testing results and provide cybersecurity risk assessments to the Government SCA and Authorizing Official.RMF Package Development and ReportingOversee preparation and delivery of RMF artifacts including:Security Assessment Plans (SAP)Security Assessment Reports (SAR)Risk Assessment Reports (RAR)System Security Plans (SSP)Continuous Monitoring StrategiesPlans of Action & Milestones (POA&M)Ensure cybersecurity artifacts are properly documented and maintained within the Enterprise Mission Assurance Support Service (eMASS) system.QualificationsMinimum 10 years of cybersecurity experience, including significant experience supporting Risk Management Framework (RMF) assessment and authorization activities for DoD or Navy systems.Active Top Secret DoD Clearance.Demonstrated experience leading cybersecurity assessments or validation teams supporting DoD RMF authorization processes.Experience supporting Security Control Assessors (SCA) or equivalent cybersecurity assessment authorities.Demonstrated experience performing or leading security control assessments, system authorization support, and cybersecurity risk evaluations in accordance with:NIST SP 800-37NIST SP 800-53DoD RMFDoNRMF Process GuideExpert knowledge of DoD RMF and the DoN RMF Process Guide.Experience using eMASS for RMF package preparation and maintenance.Knowledge of CNSSI 1253 and ICD 503 cybersecurity requirements.Strong leadership and team management capabilities.Ability to provide cybersecurity risk analysis to senior Government stakeholders.Strong technical writing skills for cybersecurity assessment documentation.Familiarity with Navy network architecture and training system environments.J-18808-Ljbffr