IT Security Administrator/Program Manager

Job description

Job Summary::
DDC-IT Services is looking for an experienced ISSM to provide subject matter expertise in support program executive office business and enterprise systems work. The position also involves Program Management oversight responsibilities for multiple tasks.

*Current contract running through March 2022, with eligibility for extension*

Job Duties and Responsibilities: :
- Program Management.
• Formulate, organize and monitor inter-connected PWS initiatives and taskings with Project and Technical Leads for data management, data governance, infrastructure/tool support, enterprise architecture, interface change control processing evaluations, data analytics, and data visualization
• Manage and utilize resources and interdependencies across PWS initiatives
• Coordinate creation of and approve submission of all contract data requirement list (CDRL) artifacts including but not limited to integrated management schedule, monthly financial report, meeting agenda/minutes, monthly status report (MSR), meeting read ahead materials, travel requests and reports, technical reports and technical metrics
• Coordinate and facilitate Government Sponsor and Stakeholder communications including but not limited to quarterly Program Management Reviews (PMR)s, other presentation materials as requested, risk and issue management and corrective action submissions
• Serve as primary POC for program level issue escalation with Government Sponsor
• Plan and direct program level standards, procedures, processes and job aids as needed
• Coordinate, monitor and report compliance status for Government specialized training requests or other adhoc requests
• Support Air Force Portfolio Director with all aspects of program staffing actions (position description definitions, candidate screening, interview participation, all aspects of employee onboarding acclimation definition and tracking, out-processing, corporate training requests, program level time reporting) as well as sub contract management as requested

- A&A Support. Prepare and review Mission Partner security assessment and authorization documents and artifacts in accordance with (IAW) with all DoD A&A regulations and governance. Document Mission Partner security findings using cybersecurity tools to include eMASS and ESPS. Register and maintain information system programs in DoD's mandated program registration system. Verify information system Ports, Protocols and Services (PPS) are acquired, developed, implemented, maintained, and registered in DoD's central registry system. Ensure applicable NIPRNet, SIPRNet, and isolated environment information system programs are registered in DoD's mandated A&A repository. Monitor and report Mission Partner program's Authority to Operate (ATO) expiration dates. Initiate, process, and monitor authorizing official (AO) risk acceptance, Plans of Action and Milestones (POA&M), waiver, and reciprocity processing. Use the Office of the Secretary of Defense's (OSD) official Knowledge Service portal as authoritative source for RMF policy and implementation guidelines. Provide documentation regarding the security posture of DoD Information Systems (IS) and Planned Information technology (PIT) systems to promote reciprocity as described in DoD Instruction (DoDI) 8500.01 and to assist AOs from other organizations in making credible, risk-based decisions.

- Cybersecurity compliance. Assist in DoD supported audits, to include auditing and reporting of systems, networks, documentation, cybersecurity controls, DoD 8570.1-M requirements, information assurance vulnerability management (IAVM) notifications, and STIG. Conduct technical analysis of vulnerabilities to determine the impact to the DISA Enterprise cybersecurity posture. Create, maintain, and document functional processes that ensures cybersecurity requirements are identified and implemented throughout the system lifecycle, to include acquisition, design, development, testing, integration, implementation, operation, upgrade, and/or replacement.

- Risk Management. Implement DoD multi-tiered cybersecurity risk management process to protect U.S. interests, DoD operational capabilities, and DoD individuals, organizations, and assets IAW National Institute of Standards and Technology (NIST) Special Publication (SP) 800-39 (Reference (o)) and Committee on National Security Systems (CNSS) Policy (CNSSP) 22. Create, maintain, and document a risk management process for identifying, validating, and reporting risks. Address, manage and integrate cybersecurity risk management throughout information technology life cycle, from acquisition to decommission. Perform, maintain, document and report on risk assessments IAW applicable DoD cybersecurity policies, standards, and architectures for Mission Partner information system programs to provide vulnerability posture awareness. Create, maintain, document and report risks associated with DoD cyberspace vulnerabilities and adversary threats impacting DoD employment of capabilities to achieve military, intelligence, and business operations objectives, and risk assessment mitigations associated with weaknesses or flaws introduced through faulty system design, configuration, and/or use. Assist and provide technical security expertise to the DISA Enterprise Information System Security Manager (ISSM) with researching and integrating new technologies (to include risks and benefits) pertaining to programs, systems, networks, and the adherence to applicable cybersecurity requirements. Ensure information systems are assigned to and governed by a DoD component cybersecurity program that manages risk commensurate with the categorization of supported missions and the value of potentially affected information or assets.

Job Requirements (Education/Skills/Experience)::
*MUST HAVE SECRET CLEARANCE*

Skills/Competencies Required:

Good analytical and reporting skills

Good communication skills.

Good documentation and process skills.

Microsoft Office (Excel, PowerPoint, Word, Outlook)

Experience with Remedy IT Ticketing system.

DOD Cyber Security Best Practices

Ten years of relevant experience.

Technical Skills Required:

RMF

Microsoft Office (Excel, PowerPoint, Word, Outlook)

SharePoint

Certifications Required:

IAM I level certification (one of the following)
- CAP
- GSLC
- Security+ CE

eMASS experience a plus!!

#ddcitservicesjobs