Information Assurance Manager
Information Assurance Manager to support the USAF's Comprehensive Engine Management System (CEMS). The Senior IA manager will work on critical networks and help ensure the safety of CEMS. The Sr IA manager will be a motivated self-starter and have a strong foundation and understanding in Information Technology and Security Architecture as well as be familiar with security functions of large organizations, specifically security operations. In this role, you will provide oversight and direction, RMF support across the program to ensure the IA of the network.
Tasks may include but are not limited to vulnerability scanning and analysis according to policy; scheduling, execution and tracking of vulnerability remediation activities; security monitoring, analysis and response; tracking, and reporting of security patch/upgrade implementation; development of security policies, processes and procedures; development of information security documents; conducting security audits; development and delivery of presentations; security product trade studies; security test and evaluation; and STIG/Checklist auditing.
• Uses federal and organization specific publications to manage system environment
• Provides system related input on IA security requirements in continuous monitoring actions and annual reviews
• Participates in the development or modification of system IA plans and requirements
• Ensures users are aware of their IA responsibilities before granting access to IT system
• Recognizes possible security violations and takes reporting actions
• Supervises or manages protective/corrective measures when IA incidents or vulnerabilities are discovered
• Ensures system security configuration guidelines are followed in implemented HW/SW for the IT system
• Ensures IA requirements are integrated in COOPs and contingency plans
• Coordinates system contingency, incident and COOP testing with the hosting network
• Ensures the information system backup and recovery processes are monitored and IA features and procedures are restored
• Ensures IA inspections, tests, and reviews are conducted on the IT system
• Participates in information system risk assessments during the authorization and assessment (A&A) process
• Collects and maintains data needed to meet system IA reporting requirements
• Reviews selected security safeguards to determine security concerns in approved plans and continuous monitoring have been addressed
• Advises DAA of changes affecting the system security baseline and IA posture
EDUCATION & EXPERIENCE:
Requires Bachelor's degree and 12+ years of prior relevant experience or Masters with 10+ years of prior relevant experience or equivalent work experience in lieu of degree
Must hold the following certifications: the highest being one of the following: (CAP CE, GSLC CE, CISM CE, CASP CE, or CISSP CE). Holding one of these presumes the candidate also holds precursor certificates: Security+ CE as well
• Evaluating IT security for applications and providing knowledge/expertise on how to implement and drive a plan for compliance with DoD Information assurance policies and procedures.
• Direct hands on testing of security products / systems to detect computer and information security weakness.
• Excellent communication skills, both written and oral, be willing to learn and execute on any client requests, and have the ability to interact with all levels of customer staff from the executive level down to highly technical analysts in structured and unstructured situations and across multiple domains.
• Motivated self-starter and have a strong foundation and understanding in Information Technology and Security Architecture as well as be familiar with security functions of government IT systems
• Possess a broad range of knowledge into latest tools and techniques used to secure customer IT systems.
• Knowledge and experience in executing Risk Management Framework procedures for USAF systems
• Must hold the following certifications: the highest being one of the following: (CAP CE, GSLC CE, CISM CE, CASP CE, or CISSP CE). Holding one of these presumes the candidate also holds precursor certificates: Security+ CE as well
• Knowledge of USAF CEMS is a plus
Candidate must have or be capable of obtaining a Secret Security Clearance.
Less than 10% travel anticipated.
External Referral Eligible
External Referral Bonus:
Potential for Telework:
Clearance Level Required:
Yes, 10% of the time
Scheduled Weekly Hours:
Defense & Intel