The Surface Ship Readiness and Sustainment Office, leads and manages a comprehensive portfolio of programs that provide surface ships with the highest level of operational readiness and sustain ships at peak capability through their service life. The Programs primary functions relate to readiness, sustainment, and lifecycle management. This Program assesses ships and systems, acts upon fleet readiness issues, and supports the surface fleet with programmatic, logistical, technical, and engineering services and products.
In this position, you will act as Information System Security Manager (ISSM) for our client. You will assist the Navy Organization with Software and Information Technology (IT) efforts related to training system acquisition and Information Assurance (IA) accreditation. The ISSM also assist with all actions required to ensure systems achieve and maintain Authority to Operate (ATO). Involved in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments.
Duties and Responsibilities
- Conduct Assessment and Authorization (A&A) and Certification and Accreditation (C&A) activities through the Risk Management Framework (RMF) for Defense Business Systems, Research, Development, Test and Evaluation (RDT&E), and Platform Information Technology (PIT) ISs and networks within Navy Enterprise Mission Assurance Support Services (eMASS) or its successor, in accordance with current DoD, DON, and NAVSEA policies.
- Conduct in-depth technical reviews of A&A and C&A documentation from the Program Executive Offices (PEOs) and field activities seeking authorization and/or accreditation from the Navy Authorizing Official (NAO) or the Functional Authorizing Official (FAO) in accordance with appropriate policies and procedures.
- Based on the technical reviews conducted, the contractor shall develop recommendations for corrective actions and/or courses of action. This includes, but is not limited to, recommendations on the following:
- validating test procedures, validating artifacts, validating plans and procedures, compliance status, validating tests, and validating results/repots and supporting documentation.
- Assist Surface Ship Readiness and liaison the Program field activities in preparing their A&A and/or C&A documentation for submission to the NAO/FAO Schedule and facilitate collaboration meetings.
- Assist in executing Cyber Security Assistance Visits at various activities with focus on the A&A and C&A efforts of the activity being assisted. Trips are usually 3 to 5 days in duration and estimated to occur 6 to 8 times per year
- Maintain the Department of Defense Information Technology Portfolio Repository – Department of the Navy (DITPR-DON) database, used to record the present status of all NAVY IT systems.
- Assist the Cyber PM, Warfare centers and engineering agents in the implementation and execution of DOD and DON cyber directives and policy and directives and policies.
- Provide reports as required such as, but not limited to, weekly metrics regarding A&A packages, risk metrics and data calls.
Mandatory Education & Experience
- An Active DoD Issued, Secret Security Clearance is Required at time of application.
- Bachelor’s degree in Information Assurance, Computer Science or a related field plus 8-10 years of directly related experience.
- Educational requirements may be adjusted or waived for applicable work experience and / or CISSP certification.
- Working knowledge of Navy IT shipboard systems.
- Cyber experience.
- Programmatic experience.
- HM&E systems knowledge and experience.
- Working knowledge of Enterprise Mission Assurance Support Service (eMASS) and Risk Management Framework (RMF) and ability to assess security controls.
- A base Information Assurance Certification in one or all of the following, e.g., CISSP, CISM, CAP, or GSLC.
- Proficiency with Navy Certification and Accreditation (C&A) processes.
Knowledge, Skills and Abilities
- Experience with Navy training systems, Shipboard experience and Navy organizations .
- Ability to communicate effectively and clearly present technical approaches and findings.
- Ability to apply technical expertise and may have knowledge of other related disciplines.
- Ability to work effectively in a diverse work group.
- Excellent written and verbal communication skills.