Location
Boston, MA | United States
Job description
Overview
Work Where it Matters
Five Rivers Analytics (FRA), an Akima company, is not just another federal IT contractor. As an Alaska Native Corporation (ANC), our mission and purpose extend beyond our exciting federal projects as we support our shareholder communities in Alaska.
At FRA, the work you do every day makes a difference in the lives of our 15,000 Iñupiat shareholders, a group of Alaska natives from one of the most remote and harshest environments in the United States.
For our shareholders, FRA provides support and employment opportunities and contributes to the survival of a culture that has thrived above the Arctic Circle for more than 10,000 years.
For our government customers, FRA delivers streamlined operations in support of an increasingly fast-paced, complex, and dynamic digital environment.
As an FRA employee, you will be surrounded by a challenging yet supportive work environment that is committed to innovation and diversity, two of our most important values. You will also have access to our comprehensive benefits and competitive pay in addition to growth opportunities and excellent retirement options.
Job Summary:
The Information Assurance SME – Lead will function as an expert in information security and will take on a key role in overseeing and enhancing the cybersecurity posture of our organization. The successful candidate will be responsible for leading the implementation of information assurance strategies, ensuring compliance with regulations, and providing expert guidance on cybersecurity practices.
Responsibilities
Job Responsibilities:
Information Assurance Team Leadership:
- Lead an Information Assurance (IA) team to ensure effective collaboration and task execution.
- Coordinate tasks, duties, and responsibilities of the team to ensure performance of IT service delivery as outlined in the PWS.
Security Policies and Procedures:
- Lead the development, review, and update of information security policies and procedures.
- Ensure the organization's strict adherence to security policies and procedures.
Risk Management Framework:
- Implement and oversee the Risk Management Framework (RMF) for information systems.
- Conduct categorization of information systems and provide guidance on selecting security controls.
- Develop and maintain System Security Plans (SSPs) and associated RMF documentation.
- Conduct security control assessments and facilitate continuous monitoring activities.
- Provide expert guidance on RMF processes, ensuring compliance with NIST and Department of Defense (DoD) guidelines.
- Collaborate with system owners and stakeholders to address security control deficiencies and implement corrective actions.
- Support the Authorization process by preparing and reviewing accreditation packages.
- Stay current on changes to the RMF and cybersecurity landscape and provide training to relevant personnel.
Incident Response:
- Lead and coordinate incident response activities in the event of security incidents.
- Conduct thorough post-incident analysis and implement corrective actions.
IAVM Program Implementation:
- Collaborate with the Northeast Region Regional Network Enterprise Center (RNEC) to implement the Information Assurance Vulnerability Management (IAVM) program.
- Ensure compliance with all DoD published regulations and policies.
Event Reporting:
- Assist the Northeast Region RNEC in reporting event and time-based incidents.
- Ensure reporting procedures align with all DoD published regulations and policies.
AESS Services on Baseline Network:
- Provide Assured Enterprise Security Services (AESS) on the Baseline Network.
- Assist the Northeast Region RNEC in operating and maintaining Defense in Depth for the Installation Campus Area Network (ICAN) and/or enclaves within the ICAN.
Cybersecurity Management:
- Manage the cybersecurity of Mission Partner/PM managed mission-funded hardware and software changes for the installation.
- Oversee all aspects of cybersecurity, including vulnerability assessment, risk management framework (RMF), and audit support.
Qualifications
Minimum Qualifications:
- High School plus eight (8) years' related experience supporting Department of Defense (DoD), or Associate's / Bachelor's / Master's (related field) plus five (5) years' related experience supporting DoD
- Proven leadership experience in information security, risk management, and compliance.
- In-depth understanding of security frameworks, standards, and best practices (ISO 27001, NIST, etc.).
- Strong knowledge of security technologies and tools.
- Excellent communication, leadership, and collaboration skills.
- Ability to provide expert guidance on complex cybersecurity issues.
- Active SECRET Clearance
- Current unexpired 8570 Information Assurance Management (IAM) Level II certification (at least one of the following):
  - CISM
  - CISSP (OR ASSOCIATE)
  - GSLC
  - CCISO
  - CAP
  - CASP+ CE
  - HCISPP
We are an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law. If you are an individual with a disability, or have known limitations related to pregnancy, childbirth, or related medical conditions, and would like to request a reasonable accommodation for any part of the employment process, please contact us at [email protected] or 571-353-7053 (information about job application status is not available at this contact information).
Job: Information Technology
Travel: None
Organization: Five Rivers Analytics
Clearance: SECRET
Work Type: On-Site
Remote: No
ReqID: 2024-7871