Apply on Employer Site

Trideum Corporation · 4 hours ago

Cybersecurity Risk Management Framework (RMF) Functional ISSO (Information Assurance Analyst)

San Antonio, TX

Full-time

Onsite

Senior Level, Lead/Staff

8+ years exp

Trideum Corporation is a 100% employee-owned company focused on providing quality service and support. They are seeking a cybersecurity professional to assist in the implementation and compliance of cybersecurity requirements within the DoD, specifically managing Authority To Operate records and ensuring cybersecurity is effectively implemented across multiple training complexes.

RoboticsSoftware

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Maintain compliance and inspection of Type- Authority-To-Operate (ATO) records in Enterprise Mission Assurance Support Service (eMASS) for eleven IMCOM CONUS Mission Training Complexes (MTC)

Manage and track Authorizing Official (AO) / Program (P)-ISSM authorization decisions, taskers, and due outs, and then assist in the publishing of orders to MTC’s

Track AO authorization decisions for hosted and interconnected IS and Program IT (PIT) systems

Help establish and track standards for Type-ATO eMASS records and RMF related documents

Assist and inspect MTC Plan of Action and Milestones (POA&M) and review monthly updates

Develop, maintain, and assist in publishing RMF / security audits and inspections checklists

Establish standards and provide guidance for eMASS record structure for the eleven IMCOM MTCs

Continuously monitor eMASS and APMS records for RMF compliance

Report the security status of the Information Systems, including the effectiveness of security controls employed within and inherited by the system, to the AO and other appropriate organizational officials on an ongoing basis, in accordance with the monitoring strategy

Participate in working groups and IPRs, update running estimates, and assist in maintaining RMF Team SharePoint portal cybersecurity documentation in support of gaining system-level RMF 2.0 ATO/continuous monitoring (CONMON)

Standardize and maintain policies for 18 RMF families supporting the operations and security of the MTCs’ operated networks

As required, conduct Staff Assistance Visits (SAV) to the eleven CONUS MTCs to conduct RMF planning, assistance, audits, and inspections: up to 25%

Assist the Army Materiel Command (AMC) P-ISSM to conduct Security Control Assessor-Validation (SCA-V) and conduct periodic compliance visits and ensure MTCs are operating IAW the ATO

Assist in the development, maintenance, and publish standards for training and appointment orders, DD Form 2875 System Authorization Access Request (SAAR) for MTC site ISSM, ISSO, Network, and System Administrators

Track MTC ISSMs, ISSOs, Networks, and System Administrators in the Army Training and Certification Tracking System (ATCTS) for compliance with DoD, Department of the Army (DA), AMC, and IMCOM standards

Develop and manage a training program to ensure that all cybersecurity personnel receive the necessary technical and security training to carry out their duties and maintain certifications

Qualification

DoD RMF certificationEMASS managementInformation Assurance ManagementCISSP AuditorNetwork architecture designSharePoint administrationU.S. Army operationsCybersecurity trainingMilitary service experience

Required

DoD 8570 Information Assurance Management (IAM) level I certification (minimum)

Bachelor's degree in IT or a related field or DoD 8570 IAM level II and DoD 8570 CISSP Auditor

Eight (8) years of network architecture design and implementation experience

Possess a strong understanding of communications support to US Army operations and training

Understanding and experience in U.S. Army simulations architectures and capabilities and U.S. Army Regulations and policies

Fully understand the DoD RMF certification and accreditation process, cybersecurity requirements, eMASS, and APMS

Knowledgeable in SharePoint administration

Possess Active US SECRET clearance (minimum)

U.S. Citizen

Preferred

DoD 8570 Certified Information Systems Security Professional (CISSP) Auditor

Military service with experience as an ISSO, ISSM or areas like those listed under required qualifications

Overall familiarity with US Army training, Training Aids, Devices, Simulators, and Simulations (TADSS), and Command and Control Information Systems (C2IS)

Military service in Signal/Communications/Cyber unit and/or functional areas

TOP SECRET clearance with Sensitive Compartmented Information (SCI) background investigation