Cybersecurity Lead

Job Type

Full-time

Description

Client Solution Architects (CSA) is currently seeking a Cybersecurity Lead to support a program onsite* in the Washington DC area.

For nearly 50 years, CSA has delivered integrated technology and operational support services to meet the defense and federal sector's most complex enterprise needs. Working from operations centers and shipyards to training sites and program offices, CSA deploys experienced teams, innovative tools and proven processes to advance federal missions.

• Onsite/Hybrid/Remote work schedules subject to change based on contract requirements.
  
  

This position is contingent upon award.

How Role Will Make An Impact

• Lead RMF Implementation: Direct and execute all six phases of the Risk Management Framework (RMF) lifecycle to ensure compliance with Department of the Navy (DON) standards, DoDI 8510, and DoDI 8500.01.
• Manage Assessment and Authorization (A&A): Guide Assessment and Authorization processes, assisting the Package Submitting Office (PSO) with assessment packages managed within eMASS.
• Ensure FISMA Compliance: Provide strategic assistance to the Echelon I Information System Security Manager (ISSM) to maintain current FISMA compliance for approximately thirty systems and various applications.
• Provide FQNV Validation Services: Deliver master-level validation services as a Fully Qualified Navy Validator (FQNV) to guarantee compliance with Navy Authorizing Officials (NAO) and Security Control Assessor (SCA) guidelines.
• Track and Report POA&Ms: Monitor and report on A&A packages and Plan of Action and Milestones (POA&Ms) in eMASS to track the timely closure of open security control findings.
• Manage Security Documentation: Create and maintain formal process documentation, meeting minutes, collaboration records, and internal cybersecurity knowledge base updates to support the Navy SCA liaison and NAO review processes for obtaining Authorities to Operate (ATOs).
• Conduct Vulnerability Management: Serve as the computer network vulnerability testing agent. Analyze Assured Compliance Assessment Solution (ACAS) scan results and monitor the Microsoft Defender for Endpoint (MDE) dashboard on a weekly basis to ensure accurate threat data.
• Administer IAVM Program: Act as the Information Assurance Vulnerability Management (IAVM) agent, reviewing the Vulnerability Remediation Asset Manager (VRAM) daily and reporting compliance status to government personnel.
• Perform Web Risk Assessments (WRA): Conduct web risk analysis on all systems and applications to ensure compliance with DoD/DON guidance, protecting operational security and data privacy.
• Oversee System Registrations: Assist the Information Security Manager (IAM) and Program Managers with reporting compliance and asset registration within the DON Application and Database Management System (DADMS) and DoD IT Portfolio Repository (DITPR-DON).
• Deliver Consistent Reporting: Provide daily A&A updates, weekly activity reports, biweekly system status reports, and monthly POA&M summaries to government stakeholders.
  
  

Requirements

What you’ll need to have to join our award-winning team:

• Clearance: Must possess and maintain an active Secret Clearance
• 7 years of experience in cybersecurity operations
• Certified Information Systems Security Professional (CISSP) Certification
  
  

What Sets You Apart

Experience in the following technologies:

• Artificial Intelligence (AI) and Machine Learning (ML) for predictive analytics and threat detection.
• Zero Trust Architecture for enhanced cybersecurity.
• Containerization technologies (e.g., Docker, Kubernetes) for scalable application deployment.
• Advanced cloud solutions (e.g., serverless computing, hybrid cloud models).
  
  

Physical Requirements

• While performing the duties of this job, the employee is regularly required to:
• Sit for extended periods of time and work at a computer workstation
• Use hands and fingers to operate keyboards, mice, and other input devices
• Communicate effectively, both verbally and in writing
• Specific vision abilities required may include close vision, distance vision, depth perception, and the ability to adjust
• Stand, walk, bend, or reach; Access equipment located in data centers, offices, or under desks
• Lift and/or move equipment weighing up to 25 pounds
  
  

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions, in accordance with the Americans with Disabilities Act (ADA).