Job Description:
Competitive Range Solutions is looking for a Cybersecurity Engineer Subject Matter Expert - Assessments and Authorizations (A&A) Senior to lead all the A&A efforts for an Army IT network; manage eMASS records and A&A artifacts; perform A&A related reporting; and coordinating A&A efforts with responsible parties to execute an effective A&A program. The Cybersecurity Engineer Subject Matter Expert - Assessments and Authorizations (A&A) Senior contract specific tasks include:
- Perform the day-to-day activities of the A&A lifecycle for all ARL enterprise systems.
- Review DoD and Army policy requirements for A&A applicability.
- Coordinate and strategize A&A plans for current and upcoming authorization and Authority to Operate (ATO) efforts.
- Develop recommendations and update Cybersecurity policy documentation and artifacts such as: System Security Plan, Security Policy, IT Contingency Plan, and any other A&A required artifacts.
- Answer A&A/Control related requests and questions from ARL leadership and IT Staff.
- Coordinate the collection of and request necessary A&A documentation from respective Government IT teams and System Administrators, which includes the creation of clear and published guidance for government review and approval for where and how the artifacts will be distributed, evaluated, approved, and officially submitted within the ATO package.
- Review artifact submissions and provide timely, valuable, and actionable feedback citing specific deficiencies and clear deadlines if the documentation does not meet Cybersecurity requirements.
- Implement higher command A&A guidance as directed by the ISSM.
- Manage the Plan of Action and Milestones (POA&M) process, which includes providing guidance for creation and submission; maintenance and oversight; improvements to the POA&M process; providing exports of the POA&M in Enterprise Mission Assurance Support
- Service (eMASS) as needed by the IT staff.
- Maintain required A&A documentation in eMASS for all ARL systems and ensure that the documentation is kept up-to-date and that all A&A requirements have been met and Cybersecurity guidance from higher command is followed.
- Prepare for and lead the Annual Information System Contingency Planning (ISCP) Training/Exercise with relevant and applicable scenarios, document the discussion, and provide written recommendations for improvement within 30 days following exercise with a goal of the least disruption to IT infrastructure during an applicable event.
- Perform any of the above A&A tasks for R&D (non-enterprise) ATOs that fall under the ABS requirements.
- Prepare for and coordinate any Cybersecurity inspections for the organization such as: Security Control Assessor Validator (SCA-V), Command Cyber Readiness Inspection (CCRI), Department of the Army Inspector General (DAIG), Cyber Protection Brigade (CPT), and others as required.
- Complete risk assessments for submitted Configuration Control Board (CCB) items and interact with the ARL CCB to ensure Cybersecurity policies and best practices are implemented within ARL environments prior to any enterprise changes.
Qualifications/Experience:
- At least 10 years of Cybersecurity Experience.
- At least 5 years A&A Experience.
- Must be a US Citizen and have a Top-Secret security clearance.
- Must have IAM II Level Baseline Certification.
Physical Demands
- Ability to type, email, communicate via telephone effectively and sit for extended periods of time.