THE CHALLENGE:

The security of Information Technology assets in today’s information age is a top priority in aligning our military forces for the future operating environment. What if you could use your cybersecurity knowledge and experience to assist US Cyber Command in those efforts?

• A&A Package Management: Create, manage, and maintain Authorization and Accreditation (A&A) packages, including System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Plans of Action and Milestones (POA&Ms), and other necessary artifacts.
• Data Management: Support the entry and maintenance of data in information system security systems of record, such as the Enterprise Mission Assurance Support Service (eMASS) or Xacta.
• Risk Mitigation and Compliance: Ensure that applications entering production environments minimize risk and comply with established program policies and requirements. This includes assessing and mitigating risks associated with application deployment and operation in cloud environments.
• Lifecycle Cybersecurity Management: Drive cybersecurity activities across all phases of the system lifecycle, including planning, development, deployment, and maintenance. Ensure that all systems are appropriately hardened and that security analysis is conducted to protect the Confidentiality, Integrity, and Availability (CIA) of the environment.
• Stakeholder Communication: Regularly brief Security Control Assessors (SCAs) and Authorizing Officials (AOs) on the cybersecurity posture of the information system, providing weekly updates as needed.
• Continuous Monitoring: Manage and implement the Continuous Monitoring Plan, which includes quarterly reviews of controls, Automated Continuous Analysis System (ACAS) vulnerability scans, and Penetration Test Reports.
• POA&M Development and Maintenance: Develop and maintain POA&Ms to track system vulnerabilities, mitigation efforts, and remediation actions. Provide fix actions and compensating controls, and perform reviews and stakeholder briefings as necessary