Senior IA Policy and Compliance Lead (RMF SME)

Data Systems Analysts, Inc. is searching for a Senior IA Policy and Compliance Lead (RMF SME Currently, Data Systems Analysts, Inc. (DSA) is seeking a customer focused Senior IA Policy and Compliance Lead to join our team in the Washington DC Metro Area to provide support to the Army and to begin an exciting career within DSA. The Senior Information Security Lead will be responsible for meeting DoD RMF requirements and maintaining the ATO status of several Army enterprise wide collaboration and Identity Management solutions that provide support to more the 1.5 million customers. The IA Policy and Compliance Lead will be responsible for developing and maintaining security related documentation and will be instrumental in ensuring categorization of the Information Systems (IS), selection of the baseline security controls, implementation of security controls, assessment of security controls, authorization of IS, and continuous monitoring of the IS. The Senior Information Security Lead will provide direction and guidance to other personnel to meet deliverable requirements; ensure accuracy of the work of other personnel, operate under deadlines, and be able to work on multiple tasks. Responsibilities Include, But Are Not Limited To

• Manage, and maintain the required hardware/software accreditation and certification for managed systems in all phases of A&A as defined in the DoD Risk Management Framework: System Categorization, Control Selection, Control Implementation, Control Assessment, System Authorization, and Continuous Monitoring.
• Oversee the development of Certification and Security Packages for each accreditation, to include but not limited to, Security Implementation Plan (SIP), POA&M, System Topology, Hardware and Software List and necessary articles/artifacts to fulfill the package, as required.
• Conducting vulnerability scans and audits.
• Manage compliance with Institute of Standards and Technology (NIST) Special Publication 800-53 (current revision) and all other DoD and Army CS/IA regulations, policies, Security Technical Implementation Guide (STIG) and other directives
• Support accreditation package and Plan of Action & Milestones (POA&M) reporting.
• Oversee the IAVM reporting tracking and remediation processes.
• Coordinate with Army CSSP and SIEM organizations to ensure all real-time monitoring data is conforming to organizational standards.

• 10 years of experience with MA/MS or 15 years of experience with a BABS in a relevant field
• 5 years of experience in Information Technology supporting DoD customers
• Active CISSP or equivalent certification.
• B.S. Degree in a relevant field.
• Knowledge and experience identifying, assessing, and documenting compliance against applicable DoD security controls (technical, management, operational), Army and IC regulations, etc., within the RMF package.
• Experience overseeing the security of cloud solutions to include Amazon Web Services (AWS), VMware Cloud, Microsoft Azure, etc. in project phases that include Cloud Migration analysis, preparation, certification and monitoring
• The candidate must have excellent oral and written communication skills, demonstrating an ability to communicate effectively with all levels of staff as well as clients.

• Experience conducting RMF support for Army systems.
• Experience overseeing the security of content management systems (e.g. Adobe Experience Manager, Drupal, SharePoint) .

• MUST HAVE AN ACTIVE DOD SECRET CLEARANCE; this will be verified prior to interview. Therefore, can be considered for this position.