ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™

JOB DESCRIPTION

ASRC Federal is looking for an experienced IA Policy and Compliance Certified Professional – Intermediate to support their work with the U.S. Army Contracting Command (ACC) Chief Information Officer (CIO) G6 at Redstone Arsenal, AL. This position supports the development, implementation, and maintenance of cybersecurity policies, standards, and procedures, ensuring compliance with applicable Department of Defense (DoD), Army, and ACC regulations.
The Intermediate IA Professional will work with a team of intermediate-level and senior-level personnel, focusingon all aspects of Risk Management Framework (RMF) activities, cybersecurity assessments, and incident response. This role requires a deep understanding of cybersecurity principles, a strong analytical ability, and excellent communication skills to effectively convey complex information to both technical and non-technical audiences.

REQUIRED QUALIFICATIONS

Minimum of 3years of experience in cybersecurity, with a focus on policy development, RMF implementation, and compliance.

EDUCATION REQUIRMENTS

Bachelor’s degree in information technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET-accredited or CAE-designated institution. 4+ additional years of relevant experience will be considered in lieu of a degree.

Maintain current Authority to Operate (ATO) status for ACCsystems and provide RMF guidance and support to other ACC locations with similar systems.
Update and maintainthe eMASSrecord for all ACC systems under the Professional’s purview.
Develop, update, and/or modifythe system-level artifacts (e.g., TTPs, plans, policies, procedures, hardware/software lists, data flow, system architecture diagrams, PIAs, Ports/Protocols/Services, MOA/MOU, etc…) and ensure they are associated with corresponding controls in eMASS.
Obtain, run, analyze, and import all applicable vulnerability scanners and compliance checkers as required, including STIGs, Nessus/ACAS Scans, etc…
Track and report IAVAs related to ACC systems.
Create, modify, and/or maintainall aspects of the implementation plan and test results, as defined by DOD, Army, NETCOM, and ACC requirements.
Develop, monitor, and maintain POA&Ms as required.
Create, modify, and/or maintainall aspects of CONMON.
Utilize existing or develop custom solutions to facilitate RMF requirements, reduce timelines and provide up-to-date status reporting of compliance