Description
The Digital Modernization Sector has a career opportunity for an Information Assurance Manager supporting the Global Solutions Management - Operations II (GSM-O II) contract at DISA. This contract includes the Operations, Sustainment, Maintenance, Repair, and Defense of the Defense Information System Network (DISN) within the DOD Information Network (DODIN) in support of the Defense Information Systems Agency (DISA). It also includes support to other key tasks for DISA, including the transformation of DISA's operational mission through innovation, and support to DISA's mission partners.
Candidate must be able to be at the customer site at Fort Meade daily. Minimum Secret clearance and Security + are required upon start.
Want more jobs like this?
Get Software Engineering jobs in Gambrills, MD delivered to your inbox every week.
The Information Assurance Manager is responsible for working with and managing a fast paced, Agile team. This position would support requirements, design, integration, and deployment of new automated capabilities for end users. Specific tasks would include documenting and understanding the as-is processes, developing detailed business process descriptions and performance requirements, and measuring the deployed automation against productivity metrics to demonstrate success.
Primary Responsibilities
- The individual shall possess a working knowledge of the system or enclave functions, its technical IA safeguards, and its operational IA measures.
- Perform ISSO/M responsibilities, including acting as a point of contact for the team and customer as the subject matter expert for all cybersecurity related aspects to the assigned information systems, ensuring systems are maintained per security policies and procedures and maintaining compliance and ongoing reporting to management.
- Functionally assign and manage tasks for the team that covers all ATOs on the task order.
- Builds IA into systems deployed to operational environments.
- Assist with the implementation of security procedures, and verify information system security requirements, including coordinating the execution, review, and disposition of STIG checklists for systems, applications, developed code and other components.
- Support IT Security Strategy, Cyber Security, and Compliance and Risk Management supporting IT Security and Compliance Teams.
- Conduct ongoing security reviews and tests of systems to verify security features and controls are functional and effective. Take corrective action to resolve identified vulnerabilities.
- Collaborate with program information assurance staff, program management, and local engineers to ensure an appropriate security posture and Authorization to Operate (ATO) accreditation conditions and requirements are maintained.
- Set IA requirements both externally and internally, manage resources, and schedules to implement the requirements.
- Be the face of IA to customers, internal stakeholders, engineers, and senior leadership in which you communicate the plans, policies, and status. Candidate will conduct regular briefings with the customer on IA status, including preparing briefing materials.
- Determine applicability of Information Assurance Vulnerability Alerts to assets.
- Author, review, coordinate and submit cybersecurity authorization required artifacts to eMASS (including change requests) to achieve milestones such as Interim Authority to Test (IATT) and Authorization to Operate (ATO) in accordance with the project schedule.
- Develop and maintain assessment and authorization documentation (Body of Evidence) for management and continuous monitoring of information systems.
- Participate in regular briefings with the customer on cybersecurity status, including preparing briefing materials working closely with government Cyber & technical teams to support ATO conditions and requirements.
- Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
- Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions.
Basic Qualifications
- Requires a US Citizenship and Secret Clearance.
- Require BS degree and 12-15 years of prior relevant experience.
- Hold and active security certification that meets DOD 8570 IAT level II or higher, such as Security+
- The qualified candidate shall have excellent customer service skills and the ability to work independently, prioritize, schedule, and complete multiple tasks.
- Ability to multi-task and self-assign work in a fast-paced environment.
- Strong communication skills that enable proactive and effective collaboration with a virtual team, including the ability to clearly articulate status and present to both customers and program leadership. Candidate shall have the ability to develop and present management level briefings.
- Demonstrate potential and willingness to learn and adapt to rapid changes in technology.
Preferred Qualifications
- Vulnerability assessment and analysis experience utilizing ACAS/NESSUS and DISA STIGs
- Experience with DoD implementation of the Risk Management Framework (RMF) and governing directives (NIST, CNSS, DSS, etc.)
- NIST RMF Assessment and Authorization (A&A) experience.
- Experience with operating IT security tools, such as ACAS, HBSS, DISA STIGs
- Prior experience working Cybersecurity in accordance with US Government (USG), Department of Defense (DOD)
Original Posting Date:
2024-09-24
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $122,200.00 - $220,900.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.