C2 Essentials
SR Cybersecurity Policy Administrator/ISSM
C2 Essentials, Fort Belvoir, Virginia, 22060
This position is 100% REMOTE. We are looking for a Cybersecurity Policy Administrator to support our Army government customer at Ft. Belvoir, VA (five days a week). We are seeking a highly motivated and seasoned professional to support PEO EIS Army ALTESS. Job Responsibilities: This position is for a Cybersecurity Policy Administrator/ISSM supporting the ALTESS commercial cloud customers who reside in Amazon AWS (Gov/DoD). ALTESS is a managed service provider (MSP) for Army IT systems, and we support enterprise applications owners in migrating their systems into Amazon AWS and also provide sustainment services to support their applications. This position is for a cybersecurity policy administrator role to support a full range of cybersecurity services that ALTESS provides to all our customers. Required Skills and Experience • Senior level Cybersecurity Policy Administrator experience in a cloud environment. • Perform Information System Security Manager (ISSM) role as defined in AR 25-2. • Serve as overall subject matter expert on Cybersecurity Policy Administration. • Implement and support the organization's RMF activities, update Policies, Procedures, and other documentation as required to maintain RMF baseline. • Establish and/or enhance procedures related to RMF compliance. • Work within Enterprise Mission Assurance Support Service (eMASS) to add and update documentation, import ACAS and STIG files, work with POA&Ms, and all other aspects of eMASS management. • Work between technical and policy teams to implement, maintain, and monitor technical security configuration controls, including Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs), and other industry security hardening guidance. • Work between technical and policy teams to successfully implement and manage requirements for maintaining Authority to Operate (ATO) and security control inheritance capabilities. • Collaborate with internal and external parties to transform high-level technical objectives into comprehensive technical requirements. • Oversee activities of supporting ISSO(s) for hosted systems. • Assist hosted customers in obtaining and maintaining RMF for DOD IT and other certifications as required. • Update and/or assist the hosted system's personnel in updating artifacts of the accreditation package and store the artifacts in organizationally defined repository; i.e., s stem diagram (logical and physical) Hardware/Software/Firmware Inventory, Interface & Ports, Protocols and Services listing, etc. • Assist in the preparation of network infrastructure specifications or designs incorporating required information security features. • Review and evaluate Information Systems Design Plans, Continuity of Operation Plans, Communication Plans, engineering change proposals and configuration changes for compliance with relevant security regulations, policies, and best industry practice. • Interact with customer ISSOs/ISSMs on a regular basis. • Extensive eMASS experience is required. Experience with all aspects of eMASS to include: • Importing technical/scan data into eMASS. • Creating/maintaining POA&Ms. • Maintaining HW/SW list. • Entering/updating Test Results. • Preparing decision briefings for senior leaders. • Strong verbal and written communication skills. • Experience effectively managing multiple large-scale projects. • Understanding of network, storage, server, and application technologies. • Strong working knowledge of DoD STIGs, and the Information Assurance Vulnerability Management (IAVM) process. Required Education and Certifications • Masters in Technology 10 years experience or Bachelors 12 years experience. • Must have Security and CISSP, CISM or CASP certification; AWS Cloud certification major plus. Required Clearance • Active DoD Secret security clearance required. EOE M/F/Disability/Vet