***Active TS/SCI with CI Polygraph Required***
Red Arch Solutions is a proven and effective small business integrator and consultant, recognized as a leading provider of IT development to the Federal Government, and primarily focused within the Intelligence Community. We offer excellent benefits, including 20 days PTO, 10 holidays, up to 10% 401k contribution, and reimbursement for tuition/certifications. Top of the line PPO Medical, Dental, Vision, and Short and Long-Term disability are also offered.We are also an official AWS Partner, and are pleased to now offer Cloud Solutions Architecture and Engineering using Amazon Web Services.
Red Arch Solutions is looking for an ISSO/ISSM Cybersecurity manager to support our team in Virginia. What we need from you:
- Are passionate about working on cutting edge, high profile projects and are motivated by delivering solutions on an aggressive schedule
- Aren’t satisfied with status quo, and regularly look for creative ways to solve problems and help your team meet commitments
- Are insatiably curious – you ask why, you explore, and you’re not afraid to blurt out your crazy idea
- Love learning new technologies and sharing them with your team
- Have strong verbal and written communication skills, due to the dynamic nature of collaborations with customers, vendors, and other engineering teams to solve complex business problems together
- Have the ability to multitask and collaborate with a team
Job Duties/Responsibilities
- Develop, maintain and manage Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), and other relevant security documentation for existing and new systems.
- Perform vulnerability/risk assessment analyses to support Assessment & Authorization (A&A) activities.
- Develop, maintain, and facilitate the appropriate closure of POA&Ms and any related remediation activities.
- Conduct periodic reviews of information systems to ensure compliance with the security authorization package.
- Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
- Ensure audit records are collected, reviewed, and documented (to include any anomalies)
- Execute the cyber security portion of the self-inspection, to include provide security coordination and review of all system assessment plans.
- Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them.
- Prepare reports on the status of security safeguards applied to computer systems.
- Conduct continuous monitoring activities for authorization boundaries under your preview.
- Apply the NIST Special Publication 800-37 Rev 2 Risk Management Framework (RMF) process to information systems and applications currently being assessed or developed.
- Formulate plans and schedules to conduct either portions or all of the RMF process on selected products.
- Conduct and guide the analysis needed to gather information needed to produce RMF artifacts.
- Provide recommendation on how RMF products can be used to prepare for other processes.
- Develop RMF documentation as required to prepare products and systems for submission to an ATO authority or a NIAP/CSfC laboratory.
Required Clearance:
- Mandatory Security Clearance Requirement: TS/SCI with CI Polygraph
Required Qualifications:
- A Bachelor’s degree in a relevant field OR a High School diploma with 4+ years of relevant experience
- 10 - 15 years related experience
- Prior performance in roles such as ISSM, SCA, Cybersecurity Systems Engineer or ISSO
- Security+ or DoD 8570 Certification required