Company Overview

For 30 years, clients in the private and public sectors have relied upon SOS International LLC (SOSi) for critical operations in the world’s most challenging environments. SOSi is privately held, was founded by its current ownership in 1989, maintains corporate headquarters in Reston, VA, and specializes in providing logistics, construction, training, intelligence, and information technology solutions to the defense, diplomatic, intelligence and law enforcement communities.

All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.


5-190712-9312: Information Assurance Lead
LocationUS-South Carolina-Sumter/Shaw AFB
Open Date7/12/2019
  
JOB DESCRIPTION
STG Inc., a subsidiary company of SOS International LLC (SOSi) is searching for an Information Assurance Lead in Sumter, SC.

*This position is contingent upon award*

ESSENTIAL JOB DUTIES:

• Under general direction, responsible for all activities relating to information assurance procedures and systems.
• Develops information systems assurance programs and control guidelines.
• Confers with and advises subordinates on administrative policies and procedures and resolving technical problems, priorities, and methods.
• Consults with and advises other sections regarding internal controls and security procedures.
• Prepares activity and progress reports relating to the information systems audit function.
• Will be required to serve as Task Leader.
• Responsible for ensuring the quality and services delivered for particular task(s) for which this skill is performing the Task Leader position.
• Serve as the information security subject matter expert, and implement processes and controls in support of cybersecurity programs to ensure compliance with AFI 17-130, Cybersecurity Program Management, and other governing DoD, USAF and USAFCENT directives and policy;
• Plan, implement, upgrade and monitor security measures for the protection of communications and IT systems and information;
• Draft, review and coordinate local IA policies, procedures and operating instructions, and provide recommendations for revisions;
• Identify and manage cybersecurity risks; and implement controls to ensure the secure and delivery of mission critical services;
• Monitor and detect cybersecurity events; and implement appropriate response and recovery actions;
• Manage cybersecurity incident management handling, response, escalation and reporting IAW SPIN-C and other IA applicable regulations;
• Maintain cybersecurity posture IAW SPIN-C and applicable DoD, AF and USAFCENT directives and policy;
• Ensure all IT hardware/software products are configured IAW with Security Technical Implementation Guidance (STIG) and other relevant security configuration and implementation guidance;
• Ensure no unauthorized hardware/software is installed or used on Enterprise and Client networks and systems;
• Utilize standard software tools to perform vulnerability scans of network equipment and software; and assist network, systems and client administrators in implementing corrective actions required when vulnerabilities are detected;
• Develop, update and maintain certification and accreditation documentation, including but not limited to DoD Risk Management Framework (RMF) artifacts, Plan of Action and Milestones (POA&Ms), waivers, and vulnerability mitigation plans;
• Assess the impact of changes on certification and accreditation packages, and advise the government accordingly;
• Process and coordinate system access authorization requests, software approval requests, firewall and proxy exemption requests/waivers, and other IA-related documents;
• Ensure IA-related documentation is current and accessible to authorized individuals;
• Research security issues affecting network/systems hardware and software, and provide recommended solutions;
• Ensure unit and individuals are in compliance with USAFCENT NOSC IA standards and guidance; and promote information security awareness;
• Assist with the sensitive and/or classified hard drive and removable media tracking, sanitization and destruction;
• Assist with the operation, management and administration of unit Communications Security (COMSEC) and Emissions Security (EMSEC), and Operations Security (OPSEC) programs, as required;
• Attend and participate in cybersecurity and CM meetings, as required.
MINIMUM REQUIREMENTS
• 4 Yrs Applied Knowledge of:
o DoD Risk Management Framework (RMF)
o Assured Compliance Assessment Solution (ACAS)
o SolarWinds
• Bachelor's degree in Computer Science or related field; and 5+ years' work experience.
• This position requires an active DoD Top Secret clearance.
ADDITIONAL INFORMATION

DESIRED QUALIFICATIONS:
• DoD 8570 Level 3 or higher (CISSP, GLSC or CISM)
• Fluency in a foreign language.

WORK ENVIRONMENT
:
• Conditions are normal for an office working environment.