4283 ATC Security Auditor

OVERVIEW:

Assists the Defense Intelligence Agency (DIA) Chief Information Office (CIO), JWICS Program Division (CIO6) in the management and execution of the JWICS Connection Approval Program. Provides expertise in conducting Approval to Connect (ATC) activities requiring both technical and non-technical skills in assessing DIA JWICS customers' request to connect their node to JWICS. ATC requires an understanding of DoD and IC Cybersecurity Polices, Regulations, Security Technical Security Implementation Guides (STIGs), and NIST RMF. This position also involves documentation and generating formal reports, briefs, circuit connection packages, that are used to assist organizations to acquire Approval To Connect while minimizing risk to JWICS.

GENERAL DUTIES:

• Interacts with CIO entities, subscribers, and other stakeholders to ensure all subscriber connections meet the foundational requirements for compliance. These assessments are conducted in the broader context of the subscriber's architecture and consider AO risk decisions.
• Evaluate and assess ATC data to highlight strategic efficiencies or tactical cyber-signatures. This will be used to provide recommendations focused on the maturity of ATCs CONMON, ATC, and POAM management processes to minimize risks to JWICS.
• Draft, coordinate, and collaborate on the development of technical documentation or cyber-profile assessments that communicate a connections risk to the JWICS enterprise.
• Collaborate with ATC stakeholders to ensure a connections cyber-security risks are communicated and clearly understood.
• Participate in the planning, execution, and reporting of ATC assessments and collaborating with subscribers to ensure vulnerability assessments are integrated with minimal supervision.
• Assist in preparation and organization of assessment deliverables - ATC foundational documents, Security Risk Assessments, and other compliance data.
• Communicate the impact of system risks and vulnerabilities verbally, through presentations and written deliverables
• Familiarity with a variety of cybersecurity concepts, practices, and procedures. Relies on extensive experience and judgment to plan and accomplish goals.
• Ability to draft, coordinate, and finalize Standard Operating procedures, business process and workflow design, and manage their execution to consistently apply ATC, CONMON, and POA&M management activities.
• Provides overviews of the ATC assessment processes and procedures for team members (as required).

REQUIRED QUALIFICATIONS:

• Experience in IC security policies
• Solid interpersonal and communication skills to interact with various stakeholders and team members effectively.
• Strong independent work ethic (auditor mentality), exceptional oral and written communication skills, and the ability to work unsupervised. Focus on developing and updating processes and procedures to drive ATC, CONMON, and POA&M efficiencies.
• DoD 8570.01-M IAT Level III
• Bachelor's Degree in related field or an additional 4 years of experience
• Other: 5 Years experience
• Ability to Pass CI Poly.

CLEARANCE:

• Top Secret Security Clearance with SCI eligibility.