JCS Solutions LLC (JCS) is a premier technology firm specializing in enterprise-wide capabilities including cloud and infrastructure solutions, cyber security, digital modernization, next generation technologies enablement, software solutions, and mission support services dedicated to providing the highest quality of services and solutions. JCS delivers expert management consulting and information technology (IT) solutions to federal agencies. We are a learning organization that promotes a work culture of collaboration, inclusiveness, inspiration and innovation. JCS has been certified as a Great Place to Work four years in a row and wasawarded as Washington Post's Top Places to Work for 2024. Our employees embody our core values, and we are looking for others who do too!
- Customer Experience: Strive for excellence and delight our clients
- Innovation: Embrace creative thinking to enable continual growth and powerful solutions
- Accountability: Take ownership of and pride in our actions and service delivery
- Inspire: Be inspired to be your best self and have fun in the process
- Integrity: Do the right thing, the right way, every time!
Summary: JCS Solutions has a need for a Tempest Manager to join our growing team providing support services for information systems for Headquarters Air Force (HAF), Air Force District of Washington (AFDW), and other Air Force activities within the AF National Capital Region (AFNCR) missions to include the Pentagon, Joint Base Andrews (JBA), Joint Base Anacostia-Bolling (JBAB). This position offers an excellent opportunity to be part of a high-performing team responsible for supporting a high-velocity collaborative environment, along with tremendous growth potential. If you are interested in a challenge and a great working environment, apply today!
What you will do: Responsibilities: The specific duties include but are not necessarily limited to the following:
- As part of the Information Systems Security Engineers (ISSEs) team will be responsible for monitoring TEMPEST certifications and the development of an RMF accreditation package, including detailing controls, a system scanning plan, POA&M maintenance, and a Body of Evidence validating control implementation.
- Plan and detail the security of a complex mission-critical defense network per the DoD RMF.
- Plan, document, and achieve system Interim Authorization to Test (IATT), Interim Authorization to Operate (IATO), Authorization to Operate (ATO), Authorization to Connect (ATC), Interconnection Security Agreement (ISA) and other approvals as required by the Government Authorizing Official.
- Perform and/or review security assessments of computing environments to identify points of vulnerability, non- compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies.
- Validate and verify system security requirements definitions and analysis.
- Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of security policy and solutions.
- Assess and develop mitigations for system security threats/risks throughout the program life cycle.
- Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Coordinate IA activities, including responses to security findings, within the IA team and across teams (IA, Infrastructure, Engineering, and Applications).
- Coordinate efforts of IA analysts and engineers to best use resources and accomplish program goals.
- Lead resource management and risk management across operations, identifying and preventing resource constraints and analyzing the results of system changes.
- Organize, monitor, nurture, and continuously improve relationships and communication with stakeholders (i.e., stakeholder management).
- Develop and maintain the Plan of Actions and Milestones (POA&M), Acceptance of Risk (AOR) and other required security documentation processes and procedures.
- Review existing governance, risk, and cybersecurity documentation for compliance with the Risk Management Framework (NIST SP 800 53 Rev 4 and NIST SP 800-37) and Security and Privacy Controls.
- Develop RMF accreditation packages to help systems achieve and maintain their Authorization to Operate (ATO) certification. Identify process improvement opportunities; develop and execute process improvement plans.
- Comfortable in a fast-paced environment.
- Technically strong and able to make quick, sound decisions.
- Excellent communication and collaboration skills are a must.
To be successful, you should have:
- Working knowledge of the Air Force and/or DoD is a plus.
- Experience working with DoD security Accreditation and Authorization.
- Experience with eMASS.
- Experience developing and maintaining accreditation Body of Evidence.
- Experience with Tenable Nessus.
- Understanding of TEMPEST requirements and assessments.
Required Skills and Experience: - Secret DoD Clearance.
- A bachelor's degree and CISSP certification.
- NOTE: Education and experience requirements may be substituted with:
- A master's degree (in subjects described above) and 5 - 7 years of experience and ability to attain 8570 IAT level III certification within 6 months.
- No degree with 15 years of intensive, progressive experience demonstrating the required proficiency levels related to task and current 8570 IAT level III certification.
- Current Certified Information System Security Professional (CISSP) or equivalent 8570 IAT level III certification.
- Security+ Certification
- Minimum/General Experience: 10-12 years of experience.
- Experience with the NIST Risk Management Framework
- Experience with NIST SP 800-53 control development and documentation
- Strong communication skills and ability to multi-task in a fast-paced environment.
It is JCS' policy to promote equal employment opportunities and celebrate diversity. All qualified applicants will receive consideration for employment without regard to sex, race, color, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.