ECS

Information Assurance (IA) Manager

ECS$100K — $130K *
Quantico, VA 22134In-Person
Aerospace & Defense
5 - 7 years of experience
Today
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • Active Top Secret with SCI eligibility
  • CISSP or equivalent security certification
  • Minimum 5+ years of experience in information assurance or cybersecurity
  • Strong understanding of RMF steps
  • Hands-on experience with GRC Platforms for ATO and A&A package management (eMASS preferred)
  • Knowledge of NIST security control families and federal compliance frameworks
  • Experience with Marine Corps or DoD programs highly preferred

Responsibilities

  • Oversee IA activities for assigned federal clients and security tracking systems
  • Ensure compliance with USMC security requirements per DoD directives
  • Advise on the 18 NIST security control families including PHI and PII overlays
  • Implement and maintain the DIARMF according to NIST requirements
  • Conduct self-assessments and IV&V activities as a certified Marine Corps Validator
  • Maintain ATO package currency, including MCCA packages updates
  • Manage continuous monitoring planning and vulnerability scanning

Benefits

  • Opportunities for professional development and certifications
  • Access to advanced cybersecurity tools and resources
  • Supportive work culture geared toward federal compliance
  • Potential for remote or flexible work arrangements
  • Engagement with high-profile federal clients and programs
Full Job Description
Everforth ECS is seeking a seasoned Information Assurance (IA) Manager to oversee IA support activities for federal clients. This role requires deep experience managing information systems security compliance, A&A package management, and continuous monitoring in support of DoD and Marine Corps programs

Information Assurance & Compliance

  • Oversee support of IA activities for assigned federal clients, including management and accurate reporting of OPDRS and related security tracking systems.
  • Ensure full compliance with USMC security requirements pursuant to DoDD 5200.2, DoDI 8500.2, and DoD 8570.01-M.
  • Advise Program Managers and ISSMs on all 18 NIST security control families, including PHI and PII overlays.
  • Implement and maintain the DoD IA Risk Management Framework (DIARMF) in accordance with NIST requirements.

A&A Package & Authorization Management

  • Direct self-assessments and conduct IV&V activities as a certified Marine Corps Validator.
  • Maintain ATO package currency, including MCCA packages within MCCAST, covering Ports, Protocols, and Services (PPS) updates.
  • Manage A&A packages and provide certification recommendations to the Authorizing Official (AO).

Continuous Monitoring & Vulnerability Management

  • Conduct and manage Information Systems Continuous Monitoring (ISCM) planning and implementation.
  • Perform vulnerability scanning using ACAS, Retina, and SCAP; develop, submit, and track POA&Ms.
  • Track and report on IAVA/IAVB compliance and remediation.
  • Supervise security tool operations including eMASS, F5, and ACAS Security Center.

Risk Analysis & Cyber Security Assessments
  • Provide and maintain Risk Analysis and Management documentation.
  • Conduct IS environment cyber security assessments as required by DoD policy and regulations.
  • Coordinate with internal and external entities, including penetration testing teams such as MFCC and CPT.

Policy & Incident Response

  • Maintain and annually revaluate internal Cyber Security Policy and Standard Operating Procedures (SOPs).
  • Write and maintain policy documentation addressing DIARMF security controls, System Security Plans (SSPs), and SOPs.
  • Coordinate Annual Reviews for Contingency Planning and Incident Response.
  • Investigate and respond to security incidents; conduct weekly IA briefings for new personnel.

Access & Personnel Security

  • Ensure all personnel complete required System Authorization Access Reports (SAAR), DD Form 2875 prior to system access.
  • Deny system access to any personnel who do not hold proper and current IA certifications.
  • Ensure compliance with non-disclosure requirements in accordance with DoDI 8582.01.


Required Qualifications

  • Active Top Secret with SCI eligibility.
  • CISSP or equivalent security certification. DoD Directive 8140.01 DCWF compliance - certification requirements; DoD Manual 8140.03 establishes baseline qualification for distinct work roles.
  • Minimum 5+ years of experience in information assurance or cybersecurity.
  • Strong understanding of the RMF steps.
  • Hands-on experience with GRC Platforms for ATO and A&A package management. eMASS desired but not required.
  • Strong working knowledge of NIST security control families and federal compliance frameworks.
  • Experience supporting Marine Corps or DoD programs is highly preferred.

About ECS

ECS is a leading provider of digital solutions and services to the federal government. The company was founded in 2001 by Roy Kapani and has since grown to become a trusted partner to a wide range of government agencies. ECS offers a broad range of services, including cloud computing, cybersecurity, and artificial intelligence. The company has been recognized for its innovative solutions and has won numerous awards, including the AWS Public Sector Partner of the Year award.
Learn more about ECS
Size
2,000 employees
Industry
Information Technology
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at ECS

More Aerospace & Defense Jobs

Find similar Information Assurance (IA) Manager jobs:

NationwideQuantico, VA