Information Assurance (IA) Manager

Job Requirements MCB Quantico, VA Top Secret/SCI Polygraph Unspecified Career Level not specified Salary not specified Join Premium to unlock estimated salaries Job Description Job Description Everforth ECS is seeking a seasoned Information Assurance (IA) Manager to oversee IA support activities for federal clients. This role requires deep experience managing information systems security compliance, A&A package management, and continuous monitoring in support of DoD and Marine Corps programs Information Assurance & Compliance Oversee support of IA activities for assigned federal clients, including management and accurate reporting of OPDRS and related security tracking systems. Ensure full compliance with USMC security requirements pursuant to DoDD 5200.2, DoDI 8500.2, and DoD 8570.01-M. Advise Program Managers and ISSMs on all 18 NIST security control families, including PHI and PII overlays. Implement and maintain the DoD IA Risk Management Framework (DIARMF) in accordance with NIST requirements. A&A Package & Authorization Management Direct self-assessments and conduct IV&V activities as a certified Marine Corps Validator. Maintain ATO package currency, including MCCA packages within MCCAST, covering Ports, Protocols, and Services (PPS) updates. Manage A&A packages and provide certification recommendations to the Authorizing Official (AO). Continuous Monitoring & Vulnerability Management Conduct and manage Information Systems Continuous Monitoring (ISCM) planning and implementation. Perform vulnerability scanning using ACAS, Retina, and SCAP; develop, submit, and track POA&Ms. Track and report on

IAVA/IAVB

compliance and remediation. Supervise security tool operations including eMASS, F5, and ACAS Security Center. Risk Analysis & Cyber Security Assessments Provide and maintain Risk Analysis and Management documentation. Conduct IS environment cyber security assessments as required by DoD policy and regulations. Coordinate with internal and external entities, including penetration testing teams such as MFCC and CPT. Policy & Incident Response Maintain and annually revaluate internal Cyber Security Policy and Standard Operating Procedures (SOPs). Write and maintain policy documentation addressing DIARMF security controls, System Security Plans (SSPs), and SOPs. Coordinate Annual Reviews for Contingency Planning and Incident Response. Investigate and respond to security incidents; conduct weekly IA briefings for new personnel. Access & Personnel Security Ensure all personnel complete required System Authorization Access Reports (SAAR), DD Form 2875 prior to system access. Deny system access to any personnel who do not hold proper and current IA certifications . Ensure compliance with non-disclosure requirements in accordance with DoDI 8582.01. Required Skills Required Qualifications Active Top Secret with SCI eligibility. CISSP or equivalent security certification. DoD Directive 8140.01 DCWF compliance - certification requirements; DoD Manual 8140.03 establishes baseline qualification for distinct work roles. Minimum 5+ years of experience in information assurance or cybersecurity. Strong understanding of the RMF steps. Hands-on experience with GRC Platforms for ATO and A&A package management. eMASS desired but not required . Strong working knowledge of NIST security control families and federal compliance frameworks. Experience supporting Marine Corps or DoD programs is highly preferred. Desired Skills

ISACA CISA

(Certified Information Systems Auditor)

ISC2 CCSP

(Certified Cloud Security Professional) AWS Certified Cloud Practitioner or higher F5 Networks Advanced Firewall DISA Assured Compliance Assessment Solution (ACAS) Palo Alto or other firewall rules management AWS Workspaces, Cloudwatch , IAM, (other security tools we are using for monitoring).

group id:

10112231A Apply now