Senior Cybersecurity Lead

Aretum•Washington, DC

8h•Remote

About The Position

Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to our customers across defense, civilian, and homeland security sectors. Our teams work at the intersection of strategy, technology, and transformation, helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration, inclusion, and professional growth are at the forefront. As a Senior IA/Cybersecurity Lead, you will be responsible for evaluating and strengthening security controls, conducting risk assessments, and managing compliance with Federal Information Security Management Act (FISMA) requirements. Your leadership will be crucial in establishing a security-first culture within the organization, and will directly contribute to safeguarding critical information systems. Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements.

Requirements

A minimum of ten years of DoD IA experience.
Active TS/SCI Required
Possess one of the following certifications: GSLC, CISSP, CISM, and CISA, or another DoD 8570.01-M Level 3 authorized IAT/IAM certification.
A minimum of eight years of experience analyzing, assessing, and implementing corrective actions based on vulnerability management and penetration testing tools and work efforts.
A minimum of eight years of experience with the NIST RMF, NIST SP 800-53, STIGs, SCAP, IAVAs, and FISMA.
A minimum of eight years of experience supporting DoD defensive cyber operational activities, including, but not limited to, information system protection, defense, response (incident handling), reporting, and recovery.
A minimum of eight years of experience in managing complex DoD projects.

Nice To Haves

A bachelor’s degree in an IT related field
Strong verbal and written communication skills as well as the ability to work independently.
Experience leading teams.
Experience writing Standard Operation Procedures (SOP), COOP Planning, POA&Ms, and other documentation in support of RMF as required.
The ability to provide technical evaluation of proposed system(s) and application approaches.

Responsibilities

Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.
Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure.
Respond to computer security breaches and viruses.
Monitor DOD, and other sites (e.g. Army Cyber) for new standards, regulations and policies.
Review contract deliverables for compliance.
Support risk management framework (RMF) implementation.
Assess Information Assurance Vulnerability Alert (IAVA) management plans and processes.
Develop and maintain Plans of Actions and Milestones (POAMs) for security related activities.
Manage DD2875 submissions and support provisioning activities.
Lead a Cybersecurity team and support interaction with other IT teams.