Information Assurance (IA) Security Administrative Support Services

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related technical field.
• Advanced security certifications (e.g., CISSP, CISM, CAP, or equivalent) are required.
• 8-10 years of progressive experience in information assurance and cybersecurity, with at least 5 years in a senior or lead role managing enterprise-level security programs.
• Should have extensive experience in implementing and managing comprehensive security programs in complex, multi-site environments, preferably in military or healthcare settings.
• Demonstrated expertise in DoD security regulations, RMF processes, and advanced security technologies is required.

Nice To Haves

• Master's degree preferred.

Responsibilities

• Provides expert-level support and leadership for the Defense Health Agency's Information Assurance and cybersecurity initiatives across its global network of military hospitals, medical clinics, and dental clinics.
• Serves as a key specialist responsible for ensuring the confidentiality, integrity, and availability of DHA's critical information systems and data.
• Develops, implements, and maintains comprehensive information assurance and security policies, procedures, and standards that align with DoD cybersecurity requirements, Risk Management Framework (RMF), NIST guidelines, and various DoD strategies including Zero Trust, ICAM, Digital Modernization, and Cybersecurity Reference Architecture.
• Leads the implementation and management of advanced security controls and technologies across DHA's complex IT infrastructure, including approximately 250,000 end-user devices, 3,000 physical and virtual servers, and 250 sites worldwide.
• Conducts regular risk assessments, vulnerability scans, and penetration tests to identify and address security weaknesses across the DHA network.
• Develops and oversees the implementation of remediation plans to address identified vulnerabilities and enhance overall security posture.
• Plays a crucial role in the accreditation of operational environments, ensuring all systems meet required security standards and maintain compliance with relevant regulations and policies.
• Leads the preparation and maintenance of security documentation required for the Risk Management Framework (RMF) process.
• Manages the incident response process, leading investigations into security incidents and coordinating response efforts across various IT teams.
• Develops and maintains the DHA's incident response plans and procedures, ensuring rapid and effective responses to security threats.
• Oversees the implementation and management of identity and access management systems, ensuring appropriate user authentication, authorization, and access controls across all DHA systems and applications.
• Leads efforts to implement and maintain Public Key Infrastructure (PKI) and Public Key Enabling (PKE) capabilities.
• Provides expert guidance on security best practices and emerging threats to DHA leadership and IT teams.
• Develops and delivers security awareness training programs for DHA personnel to promote a culture of security consciousness.
• Collaborates closely with other IT teams to ensure security considerations are integrated into all aspects of DHA's IT operations, including system design, development, and deployment processes.
• Represents the IA team in cross-functional projects and high-level planning meetings.
• Works independently, providing mentorship to junior security personnel and collaborating with other high-level technical experts across various IT disciplines.
• Must be prepared to support 24-hour operational requirements as needed and contribute to maintaining the stability and security of the DHA's IT services.

Benefits

• health insurance
• dental insurance
• vision insurance
• 401K with company matching
• flexible spending accounts
• paid holidays
• three weeks paid time off