Huntsville, AL ASRC Federal Holding Company
LEARN MORE / APPLY
ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer (https://www.asrcfederal.com/asrc-federal-earns-military-times-best-for-vets-and-military-com-top-25-veteran-employer-honors/) and Certified Great Place to Work (https://www.asrcfederal.com/asrc-federal-receives-great-place-to-work-certification-for-2024/)
ASRC Federal is looking for an experience Information Assurance (IA) Policy and Compliance Certified Professional Team Lead to support work with the U.S. Army Contracting Command (ACC) Chief Information Officer (CIO) G6 Information Technology Support Services (ITSS) at the Redstone Arsenal, AL. The ACC Headquarters (HQ) Cybersecurity Division (CSD) currently maintains authority to operate (ATO) for three Risk Management Framework (RMF) packages. The IA Professional Lead will be leading a team of six people who will be working with the Procurement Automated Data Document System (PADDS), the ACC HQ Access Control/CCTV System, and the Army Contracting Command Development Lab (ADL). Key responsibilities for the IA professional will include:
Assisting the task order Program Manager with ensuring all work performed by the team is performed according to the Performance Work Statement, turned in on time, with minimal to no errors.
Working with the task order Program Manager to check certifications and training requirements of team members, including tracking when annual training is required, and ensuring all team members’ training is up to date
Serving as the ACC HQ System(s) Information System Security Officer (ISSO) and perform all duties and requirements related to that position
Updating and maintaining each Enterprise Mission Assurance Support Service (eMASS) record
Developing, updating, and/or modifying system-level artifacts such as TTP’s, plans, policies, procedures, hardware/software lists, data flow, system architecture diagrams, and more.
Ensuring artifacts are associate with any corresponding security control within eMASS.
Inventorying hardware and software associated with the systems
Obtaining, running, analyzing, and importing all applicable Department of Defense (DoD) or Army mandated vulnerability scanner and compliance checkers
Ensuring all security technical implementation guides (STIG’s) are imported into eMASS per Army Policy.
Importing vulnerability scans no greater than once a month
Tracking Information Assurance Vulnerability Alerts (IAVAs) relating to ACC systems
Determining applicable control baselines
Determining systems’ compliance to baselines and providing sufficient justification for non-applicable controls
Creating, modifying, and/or maintaining all aspects of the implementation plan and test results as defined by DoD, Army, NETCOM, and ACC requirements
Ensuring non-compliant controls, benchmarks, and findings have associated plans of action and milestones (POAM) entries
Creating, modifying, and/or maintaining all aspects of POAM
Creating, modifying, and/or maintaining all aspects of continuous monitoring (CONMON) – this includes monitoring, reviewing, and updating continuous, daily, weekly, bi-weekly, monthly, quarterly, bi-annual, and annual requirements
Utilizing existing, or developing custom, solutions using Powershell, Power Platform, Python, etc. to facilitate RMF requirements, reducing timelines and providing up-to-date status reporting of compliance such as Evaluate STIG, Cyber Vulnerability Platform (CVP), eMASS Result Analysis Platform (eRAP), Continuous Monitoring Tracker (C-Track), etc.
Required Skills
An in-depth working knowledge of RMF
Working knowledge of PowerShell, Power Platform, Python, etc.
Understanding of implementation plan and test results as defined by DoD, Army, NETCOM, and ACC requirements
Proficiency with Microsoft Office Suite
Excellent communication skills – this includes written, face-to-face, and virtual
Education and Experience Requirements
One of the following certifications is required: CISM or CISSO or FITSP-M or GCIA or GCSA or GCIH or GSLC or GICSP or CISSP-ISSMP or CISSP
A BS Degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution
5+ years of experience with Information Assurance Policies and Compliance
Clearance Requirements
Active Top-Secret Clearance
We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.
EEO Statement
ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.
Job Details
Job Family Information Technology
Job Function Information Security
Pay Type Salary
LEARN MORE / APPLY
Job Hiring / Huntsville, AL / IA Policy and Compliance Certified Professional Team Lead >> APPLY/LEARN MORE >> https://de.jobsyn.org/97abced99a4941a2a68634e6c721b65f8003 >> #job #jobs #hiring #BGJobs
+++++++++++++++
? Looking for more jobs like this? Find more at CareerOneStop, sponsored by the U.S. Department of Labor Employment and Training Administration.
+++++++++++++++