Information Assurance Lead - Shaw AFB, SC
Under general direction, responsible for all activities relating to information assurance procedures and systems. Develops information systems assurance programs and control guidelines. Confers with and advises subordinates on administrative policies and procedures and resolving technical problems, priorities, and methods. Consults with and advises other sections regarding internal controls and security procedures. Prepares activity and progress reports relating to the information systems audit function. Will be required to serve as Task Leader. Responsible for ensuring the quality and services delivered for particular task(s) for which this skill is performing the Task Leader position.
To apply, will require Active/current Top Secret clearance with SCI eligibility. SAP access required.
- Serve as the information security subject matter expert, and implement processes and controls in support of cybersecurity programs to ensure compliance with AFI 17-130, Cybersecurity Program Management, and other governing DoD, USAF and USAFCENT directives and policy;
- Plan, implement, upgrade and monitor security measures for the protection of communications and IT systems and information;
- Draft, review and coordinate local IA policies, procedures and operating instructions, and provide recommendations for revisions;
- Identify and manage cybersecurity risks; and implement controls to ensure the secure and delivery of mission critical services;
- Monitor and detect cybersecurity events; and implement appropriate response and recovery actions;
- Manage cybersecurity incident management handling, response, escalation and reporting IAW SPIN-C and other IA applicable regulations;
- Maintain cybersecurity posture IAW SPIN-C and applicable DoD, AF and USAFCENT directives and policy;
- Ensure all IT hardware/software products are configured IAW with Security Technical Implementation Guidance (STIG) and other relevant security configuration and implementation guidance;
- Ensure no unauthorized hardware/software is installed or used on Enterprise and AOC networks and systems;
- Utilize standard software tools to perform vulnerability scans of network equipment and software; and assist network, systems and client administrators in implementing corrective actions required when vulnerabilities are detected;
- Develop, update and maintain certification and accreditation documentation, including but not limited to DoD Risk Management Framework (RMF) artifacts, Plan of Action and Milestones (POA&Ms), waivers, and vulnerability mitigation plans;
- Assess the impact of changes on certification and accreditation packages, and advise the government accordingly;
- Process and coordinate system access authorization requests, software approval requests, firewall and proxy exemption requests/waivers, and other IA-related documents;
- Ensure IA-related documentation is current and accessible to authorized individuals;
- Research security issues affecting network/systems hardware and software, and provide recommended solutions;
- Ensure unit and individuals are in compliance with USAFCENT NOSC IA standards and guidance; and promote information security awareness;
- Assist with the sensitive and/or classified hard drive and removable media tracking, sanitization and destruction;
- Assist with the operation, management and administration of unit Communications Security (COMSEC) and Emissions Security (EMSEC), and Operations Security (OPSEC) programs, as required.
DoD 8570 Level 3 or higher (CISSP, GLSC or CISM)
Must have at least a Bachelor's degree in Computer Science or related field and 14 years of experience.
Must have Knowledge of:
- DoD Risk Management Framework (RMF)
- Assured Compliance Assessment Solution (ACAS)
NOTE: To apply, will require Active/current Top Secret clearance with SCI eligibility. SAP access required.
EMW, Inc. is an Equal Opportunity Employer.