Information Assurance Lead

About The Position

Requirements

• Bachelors degree and 12+ years of prior relevant experience, additional years of experience will be accepted in lieu of a degree.
• DoD 8570/8140 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC.
• Minimum of 3 years of experience performing vulnerability scans using Assured Compliance Assessment Solution (ACAS) and STIG assessment tools such as Evaluate-STIG or SCAP.
• Familiarity and experience with the Department of Defense (DoD) and tools, systems, and reporting mechanisms and requirements for certification and accreditation (C&A).
• Experience developing and reviewing security concept of operations, systems security plans, security risk assessments, plan of action and milestones (POA&M), contingency plans, configuration management plans and processing artifacts in XACTA or eMASS.
• Must possess an active Secret clearance and ability to obtain TS/SCI clearance is required to be considered.

Nice To Haves

• CISSP
• USAF cybersecurity experience or DoD equivalent.
• TS/SCI

Responsibilities

• Serve as the IA lead and primary point of contact for system owners, developers, ISSOs, ISSMs, and government stakeholders on all cybersecurity compliance matters.
• Create and maintain processes and procedures for use by members of the ISSO team.
• Support the ISSO Team Lead in conducting lessons learned activities to improve the overall productivity and efficiency of the ISSO team.
• Lead all phases of the Risk Management Framework (RMF) process, including system categorization, control selection, implementation, assessment, authorization, and continuous monitoring.
• Develop, maintain, and submit complete security authorization packages (System Security Plans, POA&Ms, SARs, etc.) for systems seeking Authority to Operate (ATO).
• Ensure security controls (NIST 800-53) are correctly implemented and documented.
• Coordinate assessments with Security Control Assessors (SCAs) to validate compliance.
• Establish and manage continuous monitoring strategies, including vulnerability scanning, audit log reviews, and control revalidation.
• Interpret and enforce DoD, DISA, and NIST cybersecurity policies, ensuring system compliance with STIGs, SRGs, and other applicable mandates.
• Oversee routine security scans using tools like ACAS (Tenable.sc/Nessus), SCAP Compliance Checker, and HBSS.
• Manage findings and coordinate remediation.
• Collaborate with cybersecurity operations teams in the development and testing of incident response plans and provide technical support during incidents.
• Prepare security status reports, metrics dashboards, and briefings for leadership.
• Guide systems through the A&A process to obtain or maintain ATOs in accordance with DoD RMF, component-specific requirements, and document in eMASS.
• Support internal and external audits, including CCRI (Command Cyber Readiness Inspections), by ensuring systems are audit-ready and documentation is current.
• Develop and update Assessment & Authorization (A&A) documentation (Body of Evidence) for management and continuous monitoring of information systems.
• Maintain 800-53 Control Statues and keep STIGs updated in eMASS.

Benefits

• competitive compensation
• Health and Wellness programs
• Income Protection
• Paid Leave
• Retirement