Cyber Security Lead - IMC0783

Working with the government, the SME cyber security lead is responsible for all areas of cybersecurity within the USARPAC Area of Responsibility (AOR) and is a direct consultant to the USARPAC G61 cybersecurity manager. This position will manage the risk of operating a network including DoD and Army compliance requirements of the DODIN-AP network to include A&A management for 11 separate networks. This position covers Army-to-Army cybersecurity engagements with assigned countries throughout the Pacific and the building and manning of a Defensive Cyber Operations (DCO) position for exercise and real-world events.

Work Location: Onsite in Honolulu, HI, based upon the direction and needs of the customer.

Basic Required Qualifications and Skills: Note: These are mandatory items that all candidates must have when submitting an application to IMC for this position. Please ensure that your submission addresses each of these requirement items. Candidates without these required elements will not be considered.

• At start date, must possess current IAM Level III Certification. One or more of the following certifications in ACTIVE status are acceptable:
• GSLC – GIAC Security Leadership Certification
• CISM – Certified Information Security Manager
• CISSP – Certified Information Systems Security Professional (or Associate)
• 10 years of knowledge of DoD and Army cybersecurity policy.
• 3 years of experience as a cybersecurity planner and/or Defense Cyberspace Operations (DCO) experience.
• 3 years of program management experience and the ability to conduct Joint-level network planning.
• Experience with Army tactical communications systems.
• Experience with Mission Partner Environment enclave.
• Experience with USARPAC Area of Responsibility (AOR).
• Experience in presenting and arguing for acceptance of new concepts to senior leadership.
• Strong interpersonal and relationship building skills.
• Strong writing skills and experience interfacing with General Officers and other senior leadership.
• Pursuant to a government contract, this specific position requires U.S. Citizenship.
• All applicants must have current DoD TS clearance with SCI eligibility day one and prior to entry on duty.

Desired Qualifications and Skills: It is desirable that the candidate have the following qualifications:

• 10 years of cybersecurity experience, preferably working directly with the Army.
• Capable of conducting technical research on cybersecurity issues and products and producing a whitepaper for leadership review.
• A relevant educational degree in one of the following fields: Computer Science, Information Systems, Information Technology, Cyber Security, Statistics, Business Administration, Systems Engineering, Computation Science, Computer Engineering, Electrical Engineering, Data Analytics, Information Technology, Information Security and Assurance, Mathematics, Software Engineering, Systems Engineering, or Telecommunications.

Essential Duties and Responsibilities: This position will include, but is not limited to, the following tasks:

• Manage a team of personnel, assigning tasks to meeting government requirements over the areas described.
• Provide oversight and accountability of day-to-day security operations of site cybersecurity tasks.
• Review all requests for changes or additions to the DODIN-AP to include the security architecture, current policies, procedures, and standards to ensure a layered approach to cybersecurity and minimal risk to the network.
• Evaluate policies against applicable standards for regulatory compliance, and when necessary, create policies that meet mission needs and minimizes risk to the network.
• Monitor information network security through policies and controls in accordance with Army Regulations, Department of Defense (DoD) Directives and Instructions.
• Manage information security risks and report findings to the Government.
• Work with system owners to manage current Authorities to Operate in a manner compliant with Federal Information Security Management Act (FISMA), DoD Risk Management Framework (RMF), and National Institute of Standards and Technology (NIST) guidance.
• Provide consultation on cybersecurity perspectives for proposed changes, initiatives, and projects.
• Attend technical meetings as requested by Govt. cybersecurity program manager, providing comments and recommendations where required.
• Conduct research and provide whitepapers to the Govt. cybersecurity program manager on cybersecurity issues and topics.

Support compliance activities including:

• Review of all Access and Authorize packages for completeness; approve package or work with submitter; forward approved package to NETCOM for review and recommendation.
• Support and validate modification/access requests for DODIN-AP network access and Managed services through the CSPMO Change Requests process.
• Provide guidance on the integration of mission command networks into the DODIN-AP.
• Assess current policies, SOPs and local directives for correctness based on current Army, DoD, CJCS, and other government departments and agencies doctrine.
• Function as command team member for the Site Assist Visit (pre-CCRI inspection), ensuring Network Enterprise Command’s (NECs) and Regional Cyber Center (RCCs) are in compliance with all applicable CCRI requirements (e.g., Technical, CND Directives, Contributing Factors, etc.). Report status, findings, and results.
• Provide support to the Organizational Inspection Program (OIP) prior to, during and follow-up, for OIP inspections.

Support defensive cyber operations activities including:

• Provide an understanding of DCO to assist in building and integrating cybersecurity within the G3 and the G6 organizations within USARPAC.
• Act as a SME to the USARPAC G6 and CS Program Manager for cybersecurity concerns in both exercises and real-world events.
• Assist in the planning and execution of all training exercises where cybersecurity will be a factor ensuring cybersecurity equities are included, are measurable, and will develop reports post exercise explaining the successes and where more effort needs to be focused to meet cybersecurity goals.
• Participate in and respond to real-world events as the DCO SME for G6.
• Other duties as assigned.

Salary and Benefits Information:

Please see the salary information listed at the beginning of this document, which is not a guarantee of compensation or salary. All salaries will be based on relevant experience, geographic location, and position and/or contractual requirements, which could fall outside of the listed range. For more information about IMC’s benefits, please visit our website at https://www.imcva.com/about-imc/careers.

Background Information:

Innovative Management Concepts, Inc. (IMC), a Service-Disabled Veteran-Owned Small Business, provides a broad range of information technology IT services to government and commercial customers by placing a high priority on modernization, enhancing business processes through technology, and creating efficiencies through automation. Since its founding in 1989, IMC has offered solutions and expertise in: IT operations and maintenance, data management, cyber security, systems and network engineering and administration, cloud/hosting services, software development, website services, software quality assurance and testing (including IV&V), and project management. IMC is certified in International Organization for Standardization (ISO) 9001 Quality Management, ISO 27001 Information Technology Security Management, ISO 20000 Information Technology Service Management, and ISO 14001 Environmental Management System. Committed to continuous improvement and information security, IMC has been appraised at level 3 of the CMMI Institute’s Capability Maturity Model Integration for both Development and Services and we are CMMC Level 2 (Ver 2.0) compliant. Find out more about IMC at www.imcva.com.

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.