ConMon PMO

Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted. 

The Space and Intelligence Division provides professional services to the US Space Force, Combatant Commands, Intelligence Community, and NASA. Our work includes enterprise architectural assessments, systems engineering and integration, test, planning and execution, cost estimating and analysis, acquisition support, and cybersecurity.  We are trusted partners developing approaches and concepts to meet emerging high priority needs, assessing cutting-edge technologies, and supporting capabilities for our National Defense.  Come join the fastest growing Division at Systems Planning and Analysis, Inc.!

The Intelligence Programs Group, part of Systems Planning and Analysis Inc.’s Space and Intelligence Division, is a specialized provider of systems engineering and trusted advisory services to the Space and National Intelligence community.  We utilize mission-proven, data-driven advisory tools and capabilities.  We provide highly technical support to ensure the government acquires cutting edge technology necessary for our National Defense.  Our portfolio includes the National Geospatial-Intelligence Agency (NGA), National Reconnaissance Office (NRO), and National Aeronautics and Space Administration (NASA).  Come where you will be part of our high-caliber team!

The ConMon Cyber Engineer provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to:

• Support the Information Security Continuous Monitoring (ISCM) Program Lead in maturing the customer’s Continuous Monitoring (ConMon) program.
• Generate and lead ConMon process improvement activities
• Coordinate with the Cyber Data Science team to identify sources of information to better evaluate customers ConMon activities.
• Coordinate with Cyber Data Science team to create new views of customer’s ConMon posture
• Collect the necessary data, develop, and deliver reports to show customer’s progress of the enterprise wide ConMon program.
• Develop and deliver asset ConMon compliance views for categories such as mission, cross domain, and location, as required by the customer.
• Proactively identify and provide metrics and reporting data appropriate for stakeholders in each of the Tiers identified in the NIST SP 800-137
• Validates, for efficacy, ConMon control Bodies-of-Evidence (BOEs) entered in the ConMon tool
• Guides, mentors and instructs program Information System Security Officers (ISSOs) on methods to improve ConMon BOE entry language
• Assist Security Control Accessors (SCAs), FISMA and Inspector General (IG) Teams on examining ConMon BOEs for official reporting
• Proactively identify and provide metrics and reporting data appropriate for AO/DAOs to make sound risk decisions for continued authorization of systems
• Initiate and participate in studies to improve ConMon reporting metrics
• Recommend improvements on Enterprise Security Services (ESS) tool implementations

Required:

• 8 to 10 years with BS/BA or 6 to 8 years with MS/MA or 3 to 5 years with PhD.
• Qualified candidates must have an Active, Current U.S. Government Top Secret clearance with SCI eligibility at time of application
• Favorably adjudicated Polygraph
• Bachelor of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification
• DoD 8570 certification in IAT or IAM
• Knowledge of and experience with RMF, particularly step 6 (Continuous Monitoring) policies
• Experience implementing ICD 503 RMF Process and NIST 800-53, 800-137, 800-37 and 800-53a technical controls, as well as developing and maintaining associated certification and accreditation documentation
• Excellent communications skills – both verbal and non-verbal
• Experience in one or more roles as SysAdmin, ISSM, ISSO, ISSE, DAO-R, SCA or ISO
• Office Automation Skills – MS Office, MS Project, Visio
• Self-starter requiring limited direction and supervision

Desired:

• Experience briefing senior customer personnel
• Ability to organize and prioritize numerous customer requests in a fast-paced deadline driven environment
• Familiarity with Amazon Web Services (AWS)
• Familiarity with customer's IA processes
• Experience with ServiceNow and Splunk
• Experience supporting IC or DoD in the Cyber Security Domain