Assessment & Authorization Lead

About The Position

Requirements

• Bachelor’s Degree in Information Assurance, Computer Science, or related field.
• 6-8 years of experience with 2-5 years of management experience
• Must have experience writing policy, performing vulnerability testing and operating system hardening along with demonstrated leadership skills including organizing, planning, scheduling and coordinating workloads to meet established deadlines.
• Familiarity with security industry standards (ISO 17799, NIST 800 series, etc.)
• Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing.
• Demonstrated ability to write business and technical reports and to participate in presentations.
• Possess a thorough understanding of technical interface requirements and processes.
• Strong interpersonal skills to effectively interface with all levels of employees, management and outside representatives.
• Ability to resolve complex and diverse technical and management issues.
• Must demonstrate a detailed and comprehensive knowledge and understanding of data security principles, theories, regulations and practices.

Responsibilities

• Lead and manage a matrixed team to coordinate efforts across multiple organizations (DHA, DHMSM and VA).
• Interface with System Owners, System Stewards, Office of Information Security (OIS), Office of Information Technology, Product Owners, vendor project managers, and other stakeholders to manage JCOIC-driven tasks and responsibilities for systems that require cybersecurity review
• Provide Director and Executive-level reporting on all system packages submitted to JCOIC for review; and prepare ad-hoc briefings for leadership
• Enhance the A&A review process to streamline and automate manual steps
• Manage a technical team of cyber security professionals and provide mentorship and leadership
• Manage and resolve escalated issues and risks raised by the team
• Provide tactical leadership to personnel by delegating and monitoring technical and project-related tasks, provide constructive feedback to personnel, and work closely with team leads on personnel issues.
• Conduct technical reviews, validate modifications against the DISA CAL, work with and consult with ISSOs and system owners, and work across various departments and organizations (e.g., VA, DHA, DISA, etc.).
• Work collaboratively with Cybersecurity and IAM Oversight Technical Lead to manage the team and drive the Cyber Strategy for the Program