Apply on Employer Site

SciTec, Inc. · 18 hours ago

Information Assurance Manager

Boulder, CO

Full-time

Onsite

Senior Level, Lead/Staff

$160K/yr - $200K/yr

10+ years exp

SciTec is a dynamic small business focused on delivering advanced sensor data processing technologies for National Security and Defense. They are seeking an Information Assurance Manager to lead and mentor a team ensuring compliance with cybersecurity policies and managing risk management standards.

AerospaceConsultingInformation Technology

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Lead the implementation and maintenance of cybersecurity policies, standards, and procedures to ensure compliance with DoD, NIST, and FISMA requirements

Manage and lead a diverse, multi-location Information Assurance team while supporting their optimal performance and growth

Manage system accreditation processes under RMF, including development of System Security Plans (SSPs), POA&Ms, Security Assessment Reports (SARs), and continuous monitoring strategies

Lead the design and oversee the implementation of secure network architectures

Coordinate with system owners, engineers, ISSM/ISSO, IT, and other stakeholders to manage security controls and system authorizations

Collaborate with IT, DevOps, and physical security to remediate findings from security assessments and continuously improve the organization's security posture

Support incident response activities and ensure timely reporting of cybersecurity incidents per government policy

Lead tabletop exercises simulating incident response, simulating cyber incidents, identifying procedural gaps, evaluate response capabilities, and improve cross-functional readiness

Conduct threat modeling to identify and assess cybersecurity ricks, prioritize mitigation efforts, and advise stakeholders on protective strategies

Manage and lead red-teaming and penetration testing activities, including planning, execution, and reporting to uncover vulnerabilities and ensure network resilience

Ensure system configurations comply with DISA STIGs and DoD Security Technical Implementation Guides

Conduct security impact assessments and risk assessments on proposed system changes

Provide regular status reports and briefings to senior management and government stakeholders

Participate in internal and external security audits and assessments

Stay current on emerging threats, vulnerabilities, and technologies relevant to government cybersecurity

Other duties as assigned

Qualification

Information AssuranceCybersecurity ComplianceRisk Management Framework (RMF)NIST 800-53CISSP CertificationEMASSIncident ResponsePenetration TestingCMMC Level 2Team LeadershipCommunication Skills

Required

Active DoD Secret or higher security clearance

Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or other related field. Equivalent experience may be considered

At least 10 years of relevant experience in information assurance, cybersecurity compliance, or risk management within a federal or DoD contracting environment

Demonstrated ability to lead and mentor teams, develop skills, set goals and drive accountability, and effectively manage and engage stakeholders

A CISSP, CAP, CISM, GSLC, or an alternate qualifying certification satisfying DoD 8570.01M requirements for an Information Assurance Manager Level II

Demonstrated knowledge of RMF, NIST 800-171, NIST 800-53, FISMA, and other federal cybersecurity frameworks

Hands-on experience with eMASS, ACAS, HBSS, and other DoD security tools

Strong written and verbal communication skills, including the ability to interface with technical and non-technical stakeholders

Incident response and reporting experience, including experience with DCSA

Direct experience with CMMC Level 2 implementation