Salary
💰 $119,000 - $140,000 per year
Job Level
SeniorLead
Tech Stack
CloudCyber Security
About the role
- Assist and support the GCSS Army ISSM, and serve as his representative for all things Cybersecurity replated when he is not available.
- Oversee the entire RMF cycle, including initiation, categorization, selection, implementation, assessment, authorization, and continuous monitoring.
- Develop and maintain system security plans (SSPs) and associated documentation for each system under management.
- Conduct risk assessments and vulnerability assessments to identify and mitigate security risks.
- Ensure compliance with all relevant security policies, standards, and guidelines, including NIST SP 800 series.
- Work closely with multiple DoD cybersecurity personnel to document controls, support authorization, seeking any Interim Authorization to Test (IATT) (if applicable), Provisional Authority to Operate (ATO) and ATO documentation as well as other approvals as required and provide metrics to comply with audits.
- Responsible for escalating issues, problems, risks, and constraints to the appropriate levels for clarification and resolution.
- Develop and maintain a working knowledge of cloud products and capabilities.
- Responsible for entering and maintaining eMASS package entries.
- Manage multiple and competing customer priorities with little supervision.
- Develop High Availability, Continuity of Operations (COOP) and Disaster Recovery (DR) processes in accordance with government and industry guidelines.
- Work closely with the DevSecOps teams and system support engineers to provide guidance on security weaknesses in the on prem and cloud environment.
- Review security controls and configuration requirements including secure network design, database access, security testing, authentication methods, implementation of encryption, privilege management, logging, input validation, secure storage design, and secure data transfer.
- Assist with the development and implementation for cloud security architectures for protecting sensitive data deployed into various cloud and hybrid systems.
- Participate in Requests for Change (RFC), Change Management Processes, and IAVM tracking.
Requirements
- Minimum of a SECRET security clearance.
- 10+ years cybersecurity experience in developing and implementing system information security standards and procedures in a DoD Cybersecurity Enterprise Environment.
- Previous Army cybersecurity, ATO, and enterprise technology experience required.
- Demonstrated experience with DoD technology, systems, and command & control policies and procedures.
- DOD Cyber Workforce (DCWF) 8140 (722) Advanced Information Systems Security Manager: A Master’s degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution fulfills the educational requirement or a certification: CISM, CISSO, CISSP, CISSP-ISSMP, FITSP-M, GCIA, GCIH, GCSA, GICSP, GSLC.
- Experience with security requirements in a federal IT environment, including FedRAMP-certified providers and FISMA requirements for acquiring and maintaining an ATO.
- Experience with Enterprise Cross Domain Solutions.
- Experience with DoD STIGs and SRGs.
- Strong understanding of cybersecurity principles, standards, and best practices.
- Excellent communication and interpersonal skills, with the ability to interact effectively with technical and non-technical stakeholders.
- Experience with Agile development methodologies and working with Agile teams.