Logo
Cherokee Nation Businesses

Cybersecurity Information Assurance Engineer

Cherokee Nation Businesses, Richmond, VA


Job Description

Cybersecurity Information Assurance Engineer

This position requires the ability to obtain a Public Trust

We are seeking a highly skilled Cybersecurity Information Assurance Engineer (Senior) to serve as the Enterprise Vulnerability Management Task Lead. The successful candidate will be responsible for overseeing all information assurance activities, developing control guidelines, and leading a team in managing the organization's vulnerability management efforts. This role requires close coordination with the customer's Continuous Diagnostics and Mitigation (CDM) integrator to ensure alignment with the organization's cybersecurity strategy and roadmap. The Task Lead will also establish streamlined processes for vulnerability intake, prioritization, and analysis while managing various CDM capabilities, ensuring the organization stays secure and compliant with federal regulations.

Please Note: This position is for future needs. If you are interested in a future with Cherokee Federal, APPLY TODAY! We are accepting applications.

Compensation & Benefits:
  • Estimated Starting Salary Range for Cybersecurity Information Assurance Engineer: $120,000 to $130,000
  • Pay commensurate with experience.
  • Full time benefits include Medical, Dental, Vision, 401K and other possible benefits as provided. Benefits are subject to change with or without notice.

Cybersecurity Information Assurance Engineer Responsibilities Include:
  • Lead the Enterprise Vulnerability Management team to collaborate with the customer's CDM Integrator, ensuring alignment of CDM capabilities with the cybersecurity strategy and roadmap.
  • Develop and maintain Standard Operating Procedures (SOPs) for effective use of hardware asset management (HWAM), software asset management (SWAM), Configuration Settings Management (CSM), and Vulnerability Management (VUL) tools.
  • Reduce Agency-Wide Adaptive Risk Enumeration (AWARE) scores, enhance FISMA metrics, and align efforts with the organization's cybersecurity goals.
  • Manage account access, privileges, trust determinations, credentials, authentication, and security training to ensure comprehensive access control and adherence to security protocols.
  • Establish efficient processes for the intake, prioritization, and analysis of vulnerability reports from automated scanning tools, security researchers, and internal assessments.
  • Oversee the management of network and perimeter components, host and device components, data protection, and user behavior through capabilities such as event management, operational monitoring and improvement, secure design, boundary protection, and supply chain risk management.
  • Manage data protection initiatives, including data discovery and classification, data loss prevention, data breach mitigation, and information rights management.
  • Develop and implement a CDM Operational Methodology that includes continuous asset and risk discovery, environmental monitoring, risk analysis and reporting, and cyber risk mitigation.
  • Utilize CDM tools to identify enterprise security risks and deliver actionable insights to stakeholders.
  • Analyze existing CDM tools, recommend enhancements, and standardize operations to maximize effectiveness.
  • Provide recommendations for license management by assessing unused or misused licenses to improve efficiency and reduce costs.
  • Create actionable risk reports based on data from CDM tools and present findings to stakeholders for informed decision-making.
  • Consult with and advise various teams on internal controls, security procedures, and solutions for technical challenges and prioritization.
  • Prepare activity and progress reports related to information systems audits, offering visibility into vulnerability management efforts.
  • Performs other job-related duties as assigned


Cybersecurity Information Assurance Engineer Experience, Education, Skills, Abilities requested:
  • Bachelor's degree in Cybersecurity, Information Technology, or a related field.
  • Minimum 8 years of experience in cybersecurity, with a focus on vulnerability management, information assurance, and enterprise cybersecurity strategies.
  • IAT Level III certification (e.g., CISSP, CISM, or equivalent).
  • Strong knowledge of Continuous Diagnostics and Mitigation (CDM) tools and the capabilities of HWAM, SWAM, CSM, and VUL.
  • Proven experience in developing and implementing security control guidelines, internal controls, and processes for managing vulnerabilities across large enterprise environments.
  • Experience managing account/access/privileges, trust determination, and credentials to ensure secure access control.
  • In-depth knowledge of vulnerability management tools, risk analysis, and automated scanning technologies.
  • Strong understanding of federal compliance requirements, including FISMA, and experience improving metrics to align with cybersecurity goals.
  • Demonstrated ability to lead cross-functional teams and coordinate with external vendors and integrators to achieve security objectives.
  • Experience in managing supply chain risk management (SCRM) and implementing boundary protection controls preferred.
  • Familiarity with the operationalization of data protection and discovery tools, data loss prevention (DLP), and incident mitigation preferred.
  • Proficiency in developing and maintaining CDM operational methodologies and guiding teams on risk discovery and mitigation processes preferred.
  • Past applicable job experience may include, but is not limited to: Information Security Engineer, Cybersecurity Assurance Specialist, or Information Assurance Analyst
  • Must pass pre-employment qualifications of Cherokee Federal


Company Information:

Cherokee United Services (CUS) is a part of Cherokee Federal - the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government's mission with compassion and heart. To learn more about CUS, visit cherokee-federal.com.

#CherokeeFederal #LI-DNI

Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.

Similar searchable job titles
  • Information Security Engineer
  • Cybersecurity Assurance Specialist
  • Information Assurance Analyst
  • Security Compliance Engineer
  • Risk Management Engineer

Keywords
  • Information Assurance
  • Risk Management
  • Compliance Standards
  • Security Audits
  • Vulnerability Assessment


Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request.

Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.