Job Details
Our Deloitte AI & Engineering team to transform technology platforms, drive innovation, and help make a significant impact on our clients' success. You'll work alongside talented professionals reimagining and reengineering operations and processes that are critical to businesses. Your contributions can help clients improve financial performance, accelerate new digital ventures, and fuel growth through innovation.
Work You'll Do
As a Project Delivery Senior Analyst on the project, you will:
• Prepare and maintain Security Assessment Plans (SAPs) and execute technical assessments during RMF Step 2 and RMF Step 4.
• Identify, evaluate, and analyze vulnerability findings using Assured Compliance Assessment Solution (ACAS).
• Conduct Security Content Automation Protocol (SCAP) and/or EvaluateSTIG scans to assess system vulnerabilities and compliance.
• Validate implementation of secure system configurations and hardening according to DoD and Navy standards.
• Develop and enforce security controls and configurations to meet Risk Management Framework (RMF) requirements.
• Integrate Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) throughout the system lifecycle, particularly for Facility Related Control Systems (FRCS) hardware/software.
• Review and validate control implementation statements (aligned with NIST 800-53) for accuracy and completeness.
• Develop and support mitigation actions, including documentation and remediation of vulnerabilities via Plan of Actions & Milestones (POA&Ms).
• Collaborate with cross-functional teams to implement security controls and respond to emerging cyber threats.
• Provide technical RMF consultative expertise at every stage of the RMF process, including ongoing support for IT and OT systems.
The Team
Deloitte's Government & Public Services (GPS) practice - our people, ideas, technology and outcomes - is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
Our Hybrid Cloud Infrastructure offering provides specialized engineering capabilities to design, implement, manage, and operate hybrid cloud environments, modernize networks and AI infrastructure from the core to the edge, and incubate new infrastructure and device services to help clients stay ahead with the latest technology advances.
The Project Delivery Talent Model is designed for professionals with specialized skills that align to a current client need. Team members focus on delivering services to clients, without additional expectations related to business development or promotion. Their employment is tied to their role on a project, and they are eligible for a benefits package that is competitive for project delivery-focused professionals.
Qualifications
Required:
• Bachelor's degree
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
• Active Secret security clearance required
• 2+ years of experience with RMF and Cybersecurity engineering or Operational Technology Systems
• Experience in vulnerability scanning, system hardening and applying STIGs/SRGs
Ability to be on-site in Norfolk, VA 3-4 days/week
Preferred:
• IAT/IAM Level II/III Certification
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
Work You'll Do
As a Project Delivery Senior Analyst on the project, you will:
• Prepare and maintain Security Assessment Plans (SAPs) and execute technical assessments during RMF Step 2 and RMF Step 4.
• Identify, evaluate, and analyze vulnerability findings using Assured Compliance Assessment Solution (ACAS).
• Conduct Security Content Automation Protocol (SCAP) and/or EvaluateSTIG scans to assess system vulnerabilities and compliance.
• Validate implementation of secure system configurations and hardening according to DoD and Navy standards.
• Develop and enforce security controls and configurations to meet Risk Management Framework (RMF) requirements.
• Integrate Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) throughout the system lifecycle, particularly for Facility Related Control Systems (FRCS) hardware/software.
• Review and validate control implementation statements (aligned with NIST 800-53) for accuracy and completeness.
• Develop and support mitigation actions, including documentation and remediation of vulnerabilities via Plan of Actions & Milestones (POA&Ms).
• Collaborate with cross-functional teams to implement security controls and respond to emerging cyber threats.
• Provide technical RMF consultative expertise at every stage of the RMF process, including ongoing support for IT and OT systems.
The Team
Deloitte's Government & Public Services (GPS) practice - our people, ideas, technology and outcomes - is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
Our Hybrid Cloud Infrastructure offering provides specialized engineering capabilities to design, implement, manage, and operate hybrid cloud environments, modernize networks and AI infrastructure from the core to the edge, and incubate new infrastructure and device services to help clients stay ahead with the latest technology advances.
The Project Delivery Talent Model is designed for professionals with specialized skills that align to a current client need. Team members focus on delivering services to clients, without additional expectations related to business development or promotion. Their employment is tied to their role on a project, and they are eligible for a benefits package that is competitive for project delivery-focused professionals.
Qualifications
Required:
• Bachelor's degree
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
• Active Secret security clearance required
• 2+ years of experience with RMF and Cybersecurity engineering or Operational Technology Systems
• Experience in vulnerability scanning, system hardening and applying STIGs/SRGs
Ability to be on-site in Norfolk, VA 3-4 days/week
Preferred:
• IAT/IAM Level II/III Certification
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
You Might Also Like
Mission
We're connecting diverse talent to big career moves. Meeting people who boost your career is hard - yet networking is key to growth and economic empowerment. We’re here to support you - within your current workplace or somewhere new. Upskill, join daily virtual events, apply to roles (it’s free!).
Are you hiring? Join our platform for diversifiying your team