McKean Defense is a Naval Life Cycle Management, Engineering, Enterprise Transformation and Program Management business headquartered in Philadelphia, PA. McKean’s engineers, developers, technical staff, programmers, analysts, and program managers identify and deploy new shipboard technologies, integrate information technology across shipboard platforms, and develop strategies to support the Warfighter. McKean’s employees create strategic solutions to help customers reach new levels of mission support and transform their organizations. McKean Defense values the life experiences of potential candidates, including those who have served our Military. Currently, 38% of McKean’s employee owner workforce are veterans.

McKean Defense is seeking Cybersecurity professionals with Risk Management Framework (RMF) experience. Primary responsibility is to perform tasks related to Assessment & Authorization (A&A) and cybersecurity to obtain and maintain Authorizations to Operate (ATO) for U.S. Navy afloat and ashore systems. Lifecycle cybersecurity support of US Navy systems, which includes, but is not limited to the following duties:

1. Conducting risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs
2. Developing, updating, and/or reviewing system RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports
3. Providing solutions to complex problems that require the regular use of expertise and creativity. Problems are broadly defined and solutions require the continuation of specialized theories and knowledge
4. Assessing system compliance against NIST, DoD, and Navy security requirements to include the NIST 800-53 controls and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
5. Coordinating with other system SMEs to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories
6. Working with system administrators, engineers, and developers to update system/site policies, procedures, and process guides
7. Producing evidence as necessary to support compliance status of NIST, DoD, and Navy security requirements
8. Maintaining awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes
9. Attending and participating in regular A&A status meetings to facilitate progress and address potential issues of RMF system efforts
10. Actively participating in working group meetings to identify, plan, and execute strategies in response to emerging cybersecurity/RMF policies

Required Skills

Demonstrated experience with Risk Management Framework (RMF); experience within DoD a plus. 

Experience with eMASS 

Experience with vulnerability analysis tools,  Assured Compliance Assessment Solution (ACAS), and Host Based Security System (HBSS)

Proficiency in the use of Microsoft Office suite of applications

Basic Technical writing ability

Experience leading a team through a technical project a plus

Required Experience

 Bachelor of Science (BS) Degree in Information Technology, Cybersecurity, or Engineering related field.

 2+ years of professional experience in cybersecurity 

CompTIA Security+ certified required. CISSP certified is a plus.

Candidate must have a active DoD clearance, or the ability to obtain one.

McKean Defense is an Equal Opportunity Employer. Employment decisions are made without regard to race (as well as because of or on the basis of traits historically associated with race, including hair texture, hair type, and protective hairstyles such as braids, locks, and twists), color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, pregnancy, childbirth, lactation and related medical conditions, genetic factors, military/veteran status, or other characteristics protected by law.

McKean Defense is an E-Verify company.

 #cj

Demonstrated experience with Risk Management Framework (RMF); experience within DoD a plus. 

Experience with eMASS 

Experience with vulnerability analysis tools,  Assured Compliance Assessment Solution (ACAS), and Host Based Security System (HBSS)

Proficiency in the use of Microsoft Office suite of applications

Basic Technical writing ability

Experience leading a team through a technical project a plus