Information Assurance Lead

About The Position

Requirements

• 5+ years experience in a cyber security or information assurance role including at least 3 years supporting the RMF.
• HS diploma or GED.
• Must be CISM or CISSP certified (or hold an equivalent certification in compliance with DoD 8140/8570 IAM II).
• Must hold the Certified in Governance, Risk and Compliance (CGRC) certification and have participated in training for DISA ACAS Supervisor and Operator and DISA Enterprise Mission Assurance Support Service (eMASS).
• Experience with DoD cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. NIST SP 800 series, CNSSI 1253.
• Experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs.
• Experience in assessing and documenting test or analysis data to show cybersecurity compliance.
• Experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, Audit Tools, ESS, eMASS, PPS.
• Outstanding communication skills across all levels of the organization.
• Must be a US citizen and hold a current Top Secret clearance with SCI Access (TS/SCI).
• Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.

Nice To Haves

• Additional certifications such as CCNA or Microsoft Certified: Information Security Administrator Associate preferred.

Responsibilities

• Lead, mentor, and supervise teams of Information System Security Officers (ISSOs) and ACAS administrators to ensure consistent execution of the Risk Management Framework (RMF).
• Assess the quality, accuracy, and completeness of ISSO work products to ensure alignment with Department of War security standards.
• Coordinate workflows between ISSOs and ACAS administrators to ensure vulnerability scan outputs are translated into actionable remediation tasks.
• Oversee deployment, configuration, and ongoing operation of the Assured Compliance Assessment Solution (ACAS) to maintain comprehensive network visibility.
• Review and validate ACAS scan results, ensuring findings are accurately categorized and prioritized based on mission impact.
• Ensure ACAS administrators maintain current plugin sets and comply with required scanning schedules and procedures.
• Lead the creation, review, and submission of RMF artifacts within eMASS, including System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms).
• Manage the timely production and delivery of Contract Data Requirements List (CDRL) cybersecurity deliverables in accordance with contract requirements.
• Maintain continuous accuracy and currency of all mission assurance documentation to reflect the system’s real‑time security posture.
• Oversee the transition of RMF artifacts into the continuous monitoring phase to support sustained Authorization to Operate (ATO) status.