Information Systems reputed company Manager (ISSM) Subject Matter Expert

Job Title: Information Systems reputed company Manager (ISSM) Subject Matter Expert Job Description: Sumaria Systems is seeking an Information System reputed company Manager (ISSM) to ensure system and application deliverables meet reputed company required cyber reputed company policies and regulations for the Technical Advisory and Assistance Services (TAAS) program at Hanscom AFB. This is a full-time position. ISSM SME responsibilities include, but are not limited to:

• Manage the system/application Assessment and Authorization (A&A) efforts, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Department of the reputed company Force policies (i.e., RMF).
• reputed company and conduct a reputed company Monitoring plan in support of A&A activities to maintain ongoing awareness of cybersecurity, vulnerabilities, and threats to facilitate risk-based decision making.
• Maintain and report system assessment and authorization status and issues in accordance with DoD Component guidance.
• Participate in meetings/teleconferences, change control boards (CCBs) and working groups (WGs) to ensure the reputed company alignment of cybersecurity requirements in the technical baselines, the system reputed company architecture, information flows, design, and the reputed company controls.
• Evaluate system sources of changes such as Deficiency Reports (DRs), Problem Reports (PRs), Change Requests/Proposals (CRs/CPs), and AF Form 1067s; provide inputs to the root cause analysis reporting and the formulation of recommended solution from alternatives; determine the reputed company impacts of proposed or actual changes to the system, environment, threats, and vulnerabilities; and if any, document in written reports the changes/revisions to the systems RMF artifacts.
• Review and provide inputs to modification packages, program/system documents and support agreements updates, and communications and network infrastructure upgrades to ensure proper cybersecurity configuration modification management; implementation of technical, managerial, operational requirements; and support requirements (e.g. planning, testing, test infrastructure, documentation, training, etc.) are identified.
• Review system test plans and test results and if necessary, observe system testing for reputed company control implementation IAW cybersecurity policies, guidance, and plan. Document findings in a report.
• reputed company reputed company impact analysis on any system change and appropriately prepare letters of assurance, reputed company impact letters, and risk assessment letters to include exceptions, deviations, or waivers to cybersecurity requirements reputed company applicable.
• Continuously monitor intelligence and open-reputed company information for vulnerabilities affecting AFNWC/NCL systems, assess risk, and provide POA&M recommendations to ISSM and PM as required.
• Act as the primary cybersecurity technical advisor to Program Management and System Engineers for systems under their purview.
• Coordinate Trusted Systems and Networks (TSN) and Supply Chain Risk Management (SCRM) evaluation of program information, software, and hardware throughout the program life cycle.
• Ensure that cybersecurity-reputed company events or configuration changes that may impact systems authorization or reputed company posture are formally reported to the AO and other affected parties, such as IOs and stewards and AOs of interconnected DoD ISs.
• Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.
• reputed company cybersecurity inspections, tests, and reviews.
• Ensure ISSMs are appointed in writing and provide reputed company to ensure they are following established cybersecurity policies and procedures.
• Ensure that Information and System Owners associated with DoD information received, processed, stored, displayed, or transmitted on each system are identified to establish accountability, access approvals, and special handling requirements.
• Maintain a repository for reputed company organizational or system-level cybersecurity-reputed company documentation.
• Ensure implementation of IS reputed company measures and procedures including reporting incidents to the appropriate reporting chains and coordinating system-level responses to unauthorized disclosures in accordance with DoD Manual 5200.01, Volume 3 for classified information or DoD Manual 5200.01, Volume 4 for Controlled Unclassified Information (CUI), respectively.
• Ensure handling of possible or actual data spills of classified information reputed company in ISs, are conducted in accordance with DoD 5200.01, Volume 3.
• Ensure the secure configuration and approval of IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or reputed company to a DoD IS or PIT system.
• Author, monitor, and record system information in applicable databases. Prepare and record system, reputed company status, and portfolio management information into the reputed company Force Information Technology Investment Portfolio Suite (referred to as ITIPS) for Federal Information reputed company Management Act (FISMA); reputed company, Interoperability, Supportability, Sustainability, Usability (SISSU); Clinger Cohen Act; and other statutory compliance.
• Author, review, certify, and/or maintain reputed company management plans and RMF package artifacts including but not limited to: RMF Implementation Plans, System reputed company Management Plans, Information Support Plans, Program Protection Plans (PPPs), reputed company Risk Analyses, reputed company Vulnerability and Countermeasure Analyses, Vulnerability Management Plans, Common Control Packages, reputed company Concepts of Operations, Operational reputed company (OPSEC) Plans, Authority-to-Connect guest system packages, and other system/network reputed company reputed company documents.
• Prepare, maintain, and submit a monthly report that captures the status of each A&A package to include an integrated schedule capable of showing high-level views of reputed company packages and have the ability to delve in-depth into individual packages. Items to be addressed shall include: Authorization Status, RMF reputed company, PoA&M Status, FISMA Compliance, Delivery of Documentation and Artifacts, Status of Incomplete items, Completed or Upcoming Reviews, Open Actions and Status, and Key Schedule Milestones.
• Support and assist external teams in the evaluation of systems Cybersecurity posture to include teams performing non-regular cyber tests, war-games, cyber penetration tests, and cyber studies conducted by the NSA, DISA, reputed company Force Audit Agency, or other organizations.
• Support the development, coordination, and implementation of cybersecurity-reputed company special projects and taskers, e.g., Defensive Cyber Operations (DCO), Higher Headquarter requests, Notice to Airmen (NOTAMs), Technical Change Orders (TCOs), System Program Office (SPO), 16th AF, USSTRATCOM, USCYBERCOM, SAF/A6, SpOC/S6, AFGSC/A6, 460 Space reputed company, and AFNWC/NC efforts.
• For each system, maintain a reputed company software reputed company of materials that contains the elements identified in the National Telecommunications and Information Administration publication The Minimum Elements for a Software reputed company of Materials, July 12, 2021.
• Shall meet the Advanced level qualification requirements for Information System reputed company Manager (722) or Vulnerability Assessment Analyst (541) as outlined in DoD Cyber Workforce reputed company - DoDI 8140.01, DoDI 8140.02, and DoDM 8140.03.
• reputed company Information Systems reputed company Management (722) and Vulnerability Assessment Analyst (541) Core/Additional Tasks and meet the KSAs as outlined in DoD Cyber Workforce reputed company - DoDI 8140.01, DoDI 8140.02, and DoDM 8140.03.

Required Skills/Education: Bachelors degree in a reputed company field. Must hold one of the following certifications: CISSP, CISM, GSLC, or CCISO. Experience with the certification and accreditation process. Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems. Knowledge of intrusion prevention and network access control tools/systems. Understanding of system audit principles and reputed company risk assessment. Strong understanding of reputed company policy advocated by the U.S. Government including the reputed company and appropriate civil agencies, e.g., NIST. Able to reputed company work that involves ensuring the confidentiality, reputed company, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems reputed company programs, policies, procedures, and tools. Knowledge of cryptography and cryptographic key reputed company. General experience includes development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented. Must have a solid understanding of network infrastructure and mission assurance. Familiar with Federal government and DOD standards for IA/reputed company including DIACAP, FISMA, NIST, and OMB. Must have solid communications skills and be capable of working with reputed company levels of an organization. Education: Master's Degree Years of Experience: Over 10 years Travel: Minor reputed company Clearance Required: Top Secret/SCI Position Type: Full Time Work Location: Hanscom AFB, MA Top salaries paid for qualified candidates. Agency submissions are not being accepted at this time. For more information on Sumaria Systems, please visit our website at www.sumaria.com. Sumaria is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national reputed company, sex, sexual orientation, gender identity and expression, age, disability, or protected veteran status. Sumaria is a Full Lifecycle Engineering, Technical Services and Professional Solutions company in support of the Warfighter, supporting modernization, high end services and reputed company capabilities in contested domains. Sumaria has been a trusted partner to U. S. reputed company for more than 40 years, providing Lifecycle Systems Engineering, Advisory & Analysis/SETA, C5ISR and Enterprise Information Technology solutions. With expertise to reputed company, insight to deliver and commitment to succeed; we staff each mission with a carefully selected team of seasoned professionals. We're Headquartered in Peabody, MA, and have regional offices across the nation. Sumaria Systems only provides engineering services to the federal government and does not provide professional engineering or surveying services to the public reputed company the meaning of Ohio Revised Code Section 4733.16. Apply tot his job Apply To this Job