Credence Management Solutions, LLC Information System Owner (ISO) in Remote, United States
Credence Management Solutions, LLC (Credence) is seeking a Information System Security Officer for the 48 FW Authority to Operate (ATO) Snap-on Automated Tool Control Boxes. Two phase project requires securing an ATO to allow use in off-network configuration, followed by securing an Authority to Connect (ATC) to operate on AFNet.
Ensure the development, maintenance, and tracking of the system security plan for the assigned IT.
Ensure that the development of an ISCM strategy is consistent with DoDI 8510.01.
Report the security status of the IT, to include the effectiveness of all implemented security controls
Communicate access control requirements and complete any ISO-directed security training.
Develop a plan of action and milestones for all identified weaknesses and the appropriate steps to mitigate those weaknesses.
Ensure that the appropriate steps are taken to reduce or eliminate the identified weaknesses, then generate the security authorization package and submit the package(s)
Ensure that the consolidated RMF documentation is maintained for systems with instances at multiple locations.
Review the security controls and risk assessment results before submitting the security authorization package, ensuring that the system’s cybersecurity posture satisfactorily supports mission, business and budgetary needs.
Ensure that the system is deployed and operated according to the approved security plan and the authorization package.
Bachelor Degree in Computer Science, Information Systems Security, Information Systems, or related discipline
Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Manager Level 2 requiring one of the following certifications: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, or CCISO.
Must be a US Citizen and able to complete a NACI level clearance
5 years of experience ensuring compliance within the RMF process.
Experience completing tasks such as Security Control Validation in the DoD/AF directed cybersecurity management tool, currently Enterprise Mission Assurance Support System (eMASS), Account Management of the DoD/AF directed cybersecurity management tool, e.g. eMASS, and Federal Information Systems Management Act (FISMA) compliance.
Must have experience related to Assessment & Authorization (A&A)
Must have experience with all phases from start to finish of system accreditation via Risk Management Framework (RMF), as well as experience with associated tools (eMASS, Information Technology Investment Portfolio Suite (ITIPS), Security Technical Implementation Guides (STIG) viewer) and standards.
Must have familiarity with Air Force, DoD, and national cybersecurity standards, policies, and directives.
RMF authorization package documentation with required artifacts
ATO creation and Maintenance
Job ID: 2020-4102
External Company URL: http://credence-llc.com/