Job Description: i3 is seeking a Cybersecurity / Information Assurance Lead, with 5 or more years" experience (within the last 10 years) with Department of Defense (DoD) cybersecurity policies such as DoD 8510.01 Risk Management Framework (RMF), DoD 8500 series (Information Assurance/Cybersecurity), and CNSSI 1253. Seven years of relevant IT experience is a plus.
As a Cybersecurity / Information Assurance Lead you will serve as an IA Subject Matter Expert (SME) with regards to Certification and Accreditation (C&A) and all associated IA policies and procedures. Must be fully versed in the general tenets supporting the overall DoD implementation of its C&A process, to include supporting IA policy, procedures and processes. Perform DoD IA C&A process while either certifying an information system or serving as a SME for a system undergoing certification. Possess an understanding of how the IA Controls identified in the DoD Instruction 8500.2 apply to the process of certifying and accrediting complex systems and AIS applications. Determine the applicable severity category for an identified vulnerability (e.g., non-compliant IA Control), and determine the possible ramifications on the system's current or future accreditation. The work will be performed in accordance with the requirements of the Risk Management Framework (RMF) per NIST 800 series requirements. The selection and specification of security controls will be required.
The work will be performed largely on Windows and Linux systems. The candidate should be fully capable of effectively utilizing all elements of Microsoft Office. The work will primarily be conducted on-site at the SPAWAR Systems Center Pacific (SSC PAC) government facility, or at the TUG office nearby, using standard industry tools. Travel may be required.
The candidate should have a BS degree in Computer Science or Information Technology, and coursework and seven (7) years or more of relevant experience.
Five (5) years of relevant C&A experience; Risk Management Framework (RMF) and NIST C&A experience.
Able to draft RMF and other technical documentation for certification, reference, and maintenance submissions.
DoD IA experience.
Experience in assessing IA Controls and conducting C&A reviews for large, complex organizations.
Desired Skills and Qualifications:
Certification: Possess and maintain at all times one of the following certifications: Global Information Assurance Certification (GSLC), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP).
Ability to establish, maintain and enforce operational standards.
Knowledge of basic methods of applying Security Technical Implementation Guides (STIGs) to operating systems.
Residency and Clearance Requirements:
Eligibility for a security clearance is required (thus U.S. Citizenship is required).
Must be able to obtain and maintain the clearance required for this position.