Cybersecurity Risk Management Framework (RMF) Functional ISSO Full-time JBSA-Ft. Sam Houston (San Antonio), TX
About UsTrideum Corporation is a 100% employee-owned company, committed to embracing the world's toughest challenges with a servant's heart. Through dedicated hard work and commitment, we provide distinctive quality and unparalleled customer service in all aspects of our business. We also know that our employees are the key to our success, and it is our mission to take care of them so they can take care of our customers and communities where we live, work, and play.
Position SummaryWe are seeking a cybersecurity professional who is passionate about the implementation and compliance of cybersecurity requirements within DoD. The Cybersecurity RMF Functional ISSO assists the Information System Owner (ISO) with establishing policies and ensuring a valid Authority To Operate-Type (ATO-Type) is managed in Enterprise Mission Assurance Support Service (eMASS) for the eleven CONUS Mission Training Complexes (MTC).
The selected candidate will work on-site full-time at Joint Base San Antonio (JBSA) IMCOM HQ located on Ft. Sam Houston.
This is an exciting opportunity for a successful applicant to share their cybersecurity technical expertise, RMF knowledge, conduct staff assistance visits (SAV), and ensure cybersecurity is implemented on DoD systems. This role will require proactiveness, responsiveness, and discipline to meet program, Government, and staff requirements.
What You'll Do
- Maintain compliance and inspect Type- Authority-To-Operate (ATO) records in Enterprise Mission Assurance Support Service (eMASS) for eleven IMCOM CONUS Mission Training Complexes (MTC).
- Manage and track Authorizing Official (AO) / Program (P)-ISSM authorization decisions, taskers, and due outs, and then assist in the publishing of orders to MTC's.
- Track AO authorization decisions for hosted and interconnected IS and Program IT (PIT) systems.
- Help establish and track standards for Type-ATO eMASS records and RMF related documents.
- Assist and inspect MTC Plan of Action and Milestones (POA&M) and review monthly updates.
- Develop, maintain, and assist in publishing RMF / security audits and inspections checklists.
- Establish standards and provide guidance for eMASS record structure for the eleven IMCOM MTCs.
- Continuously monitor eMASS and APMS records for RMF compliance.
- Report the security status of the Information Systems, including the effectiveness of security controls employed within and inherited by the system, to the AO and other appropriate organizational officials on an ongoing basis, in accordance with the monitoring strategy.
- Participate in working groups and IPRs, update running estimates, and assist in maintaining RMF Team SharePoint portal cybersecurity documentation in support of gaining system-level RMF 2.0 ATO/continuous monitoring (CONMON).
- Standardize and maintain policies for 18 RMF families supporting the operations and security of the MTCs' operated networks.
- As required, conduct Staff Assistance Visits (SAV) to the eleven CONUS MTCs to conduct RMF planning, assistance, audits, and inspections: up to 25%.
- Assist the Army Materiel Command (AMC) P-ISSM to conduct Security Control Assessor-Validation (SCA-V) and conduct periodic compliance visits and ensure MTCs are operating IAW the ATO.
- Assist in the development, maintenance, and publish standards for training and appointment orders, DD Form 2875 System Authorization Access Request (SAAR) for MTC site ISSM, ISSO, Network, and System Administrators.
- Track MTC ISSMs, ISSOs, Networks, and System Administrators in the Army Training and Certification Tracking System (ATCTS) for compliance with DoD, Department of the Army (DA), AMC, and IMCOM standards.
- Develop and manage a training program to ensure that all cybersecurity personnel receive the necessary technical and security training to carry out their duties and maintain certifications.
Requirements and Qualifications:
- DoD 8570 Information Assurance Management (IAM) level I certification (minimum); DoD 8570 Certified Information Systems Security Professional (CISSP) Auditor (preferred).
- Bachelor's degree in IT or a related field or DoD 8570 IAM level II and DoD 8570 CISSP Auditor.
- Eight (8) years of network architecture design and implementation experience.
- Possess a strong understanding of communications support to US Army operations and training; US Army simulations architectures and capabilities; US Army Regulations and policies.
- Fully understand the DoD RMF certification and accreditation process, cybersecurity requirements, eMASS, and APMS.
- Knowledgeable in SharePoint administration.
- Possess current US SECRET clearance (minimum); TOP SECRET clearance with Sensitive Compartmented Information (SCI) background investigation (preferred).
- Be a US Citizen.
Desired Qualifications
- Military service with experience as an ISSO, ISSM or areas like those listed under required qualifications.
- Overall familiarity with US Army training, Training Aids, Devices, Simulators, and Simulations (TADSS), and Mission Command Information Systems (MCIS).
- Military service in Signal/Communications/Cyber unit and/or functional areas.
We Take Care of Our PeopleWhether you're looking to launch a new career or grow an existing one, Trideum is the type of company where you can balance great work with great life because we believe that taking care of our people is the right thing to do. Trideum offers:
- Competitive pay based on the work you do here and not your previous salary.
- Traditional benefits such as medical, dental, vision, life, disability, and 401k matching.
- Paid leave and the ability to cash out leave.
- Free access to certified financial planners, wellness and support services, and discount programs.
- Education assistance and professional development opportunities.
- And much more.
Ready to Apply?Start Your Application now!
Equal Opportunity EmployerAll qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. People with disabilities who need a reasonable accommodation to apply or compete for employment with Trideum may request such accommodation(s) by contacting Human Resources at 256.###.#### or ...@trideum.com.