Cyber Security Team Lead

You...

Are you a self-motivated and experienced Cyber Security professional? Are you looking for a significant career growth opportunity? You will be joining the team that is deploying and delivering a cloud-based, multi-domain Common Data Fabric (CDF), which provides data sharing services to the entire DoD Intelligence Community (IC). The CDF connects all IC data providers and consumers. It uses fully automated policy-based access controls to create a machine-to-machine data brokerage service, which is enabling the transition away from legacy point-to-point solutions across the IC enterprise.

Us...

Octo offers modern approaches to solve your toughest challenges. We believe the status quo can be improved, and we've made it our job to use emerging technology to help our customers achieve their objectives with the most modern systems and software possible. That's why our digital solution innovators develop transformative, scalable solutions to make sure your agency is always a step ahead.

Program Mission...

The CDF program is an evolution for the way DoD programs, services, and combat support agencies access data by providing data consumers (e.g., systems, app developers, etc.) with a "one-stop shop" for obtaining ISR data. The CDF significantly increases the DI2E's ability to meet the ISR needs of joint and combined task force commanders by providing enterprise data at scale. The CDF serves as the scalable, modular, open architecture that enables interoperability for the collection, processing, exploitation, dissemination, and archiving of all forms and formats of intelligence data. Through the CDF, programs can easily share data and access new sources using their existing architecture. The CDF is a network and end-user agnostic capability that enables enterprise intelligence data sharing from sensor tasking to product dissemination.

Responsibilities...

Primarily responsible for the management of a team of approximately eight (8) personnel who are responsible for the security accreditation of CDF components and instances, to include validation and maintenance of all Information Assurance (IA) requirements mandated ISO a defense organization’s business systems environment. In this role, you will:

• Manage, oversee and coordinate the accreditation and delivery of the assembled enterprise data capabilities across all platforms, and perform continuous monitoring of the fielded solutions.
• Manage, oversee and coordinate security team interactions with CDF Platform / systems engineers to remediate security defects in a timely manner on any open findings for all development, test and production systems.
• Responsible authority for monitoring ACAS and CMRS weekly reports, Information Assurance Vulnerability Alerts (IAVAs), Cyber Tasking Orders, and vendor announcements for alerts and forward relevant alerts to the Operations and Maintenance teams for mitigation and response
• Supervise and ensure the proper preparation of necessary documentation to describe the protection and sustainment of the IA requirements and support for the DoD Public Key Infrastructure (PKI) implementation strategies.
• Supervise and ensure the proper preparation of IA documentation for Government representatives to include authorization change requests, Security Technical Implementation Guide (STIG) reports, or any other IA pertinent documents.
• Manage, oversee and coordinate the creation of needed evidence in A&A packages for submission into the required registry databases and author documents and diagrams to satisfy the corresponding NIST SP-800-53 controls associated with the information security targets for Confidentiality, Integrity, and Availability (CIA).
• Manage the PMO and IA stakeholders to maintain Authorities to Operate (ATOs) for multiple systems.
• Provide input into the Federal Information Security Management Act (FISMA) reporting, and work with the PMO in addressing any identified vulnerabilities.
• Facilitate and/or conduct drills or table-top exercises such as Continuity of Operations (COOP), spillage, or other events

What We'd Like To See...

• Active TS/SCI clearance
• Certified Information Systems Security Professional (CISSP) Certificate
• DoD 8570 IAT Level I & Level II Certifications (A+, Security+)
• 10+ years hands-on experience obtaining and maintaining security accreditation for Linux-based software systems and capabilities, including documenting and reviewing Security Controls and Test Plans, and using the Xacta cyber risk management tool
• Understanding of Risk Management Framework (RMF) and IC Authority to Operate (ATO) and Interim Authority to Test (IATT) processes
• Working knowledge and experience with security certification, ICD 503, NIST 800-53 security controls, and DISA Control Correlation Identifiers (CCIs) / Security Technical Implementation Guides (STIGs)
• Proven expertise obtaining ATOs and IATTs on IC programs (desired)
• Demonstrated understanding and commitment to modern Continuous ATO processes (desired)
• Advanced organizational skills with the ability to handle multiple assignments
• Strong written and oral communication skills
• Strong critical thinking skills with Inquiring mind / inquisitive nature
• Microsoft Office proficiency

Years of Experience: 10 years of experience or more.

Education: Bachelor's degree

Location: Chantilly, VA

Clearance: Active TS/SCI w/ ability to obtain CI Poly