Information Assurance Manager

Description

SciTec is a dynamic small business, with the mission to deliver advanced sensor data processing technologies and scientific instrumentation capabilities in support of National Security and Defense, and we are growing our creative team! We support customers throughout the Department of Defense and U.S. Government in building innovative new tools to deliver unique world-class data exploitation capabilities.

Important Notice: SciTec exclusively works on U.S. government contracts that require U.S. citizenship for all employees. SciTec cannot sponsor or assume sponsorship of employee work visas of any type. Further, U.S. citizenship is a requirement to obtain and keep a security clearance. Applicants that do not meet these requirements will not be considered.

SciTec has an immediate opening for an Information Assurance Manager to lead, build, and mentor the team responsible for ensuring that all information systems and associated data meet the required security, compliance, and risk management standards mandated by federal law and agency-specific regulations.

Responsibilities:

The Information Assurance Manager will lead and manage the cybersecurity and compliance activities in support of our programs and will be responsible for ensuring all information systems maintain compliance with applicable cybersecurity policies, including RFP, NIST SP 800-53, DoD 8500.01/8522.02, and other customer directed requirements. The Information Assurance Manager will serve as a key interface between security, engineering, IT, operations, and customer stakeholders.

• Lead the implementation and maintenance of cybersecurity policies, standards, and procedures to ensure compliance with DoD, NIST, and FISMA requirements
• Manage and lead a diverse, multi-location Information Assurance team while supporting their optimal performance and growth
• Manage system accreditation processes under RMF, including development of System Security Plans (SSPs), POA&Ms, Security Assessment Reports (SARs), and continuous monitoring strategies
• Lead the design and oversee the implementation of secure network architectures
• Coordinate with system owners, engineers, ISSM/ISSO, IT, and other stakeholders to manage security controls and system authorizations
• Collaborate with IT, DevOps, and physical security to remediate findings from security assessments and continuously improve the organization's security posture.
• Support incident response activities and ensure timely reporting of cybersecurity incidents per government policy
• Lead tabletop exercises simulating incident response, simulating cyber incidents, identifying procedural gaps, evaluate response capabilities, and improve cross-functional readiness
• Conduct threat modeling to identify and assess cybersecurity ricks, prioritize mitigation efforts, and advise stakeholders on protective strategies
• Manage and lead red-teaming and penetration testing activities, including planning, execution, and reporting to uncover vulnerabilities and ensure network resilience
• Ensure system configurations comply with DISA STIGs and DoD Security Technical Implementation Guides
• Conduct security impact assessments and risk assessments on proposed system changes
• Provide regular status reports and briefings to senior management and government stakeholders
• Participate in internal and external security audits and assessments
• Stay current on emerging threats, vulnerabilities, and technologies relevant to government cybersecurity
• Other duties as assigned

Requirements

• Active DoD Secret or higher security clearance
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or other other related field. Equivalent experience may be considered.
• At least 10 years of relevant experience in information assurance, cybersecurity compliance, or risk management within a federal or DoD contracting environment
• Demonstrated ability to lead and mentor teams, develop skills, set goals and drive accountability, and effectively manage and engage stakeholders
• A CISSP, CAP, CISM, GSLC, or an alternate qualifying certification satisfying DoD 8570.01M requirements for an Information Assurance Manager Level II
• Demonstrated knowledge of RMF, NIST 800-171, NIST 800-53, FISMA, and other federal cybersecurity frameworks
• Hands-on experience with eMASS, ACAS, HBSS, and other DoD security tools
• Strong written and verbal communcation skills, including the ability to interface with technical and non-technical stakeholders
• Incident response and reporting experience, including experience with DCSA
• Direct experience with CMMC Level 2 implementation

Candidates who have one or more of the following qualifications will be preferred:

• Prior experience as an ISSM or Security Control Accessor (SCA)

Benefits

SciTec, Inc. offers a highly competitive salary and benefit package, including:

• 4% Safe Harbor 401(k) match
• 100% company paid HSA medical insurance, with a choice of 2 buy-up options
• 80% company paid dental insurance
• 100% company paid vision insurance
• 100% company paid live insurance
• 100% company paid long-term disability insurance
• 100% company paid hospital indemnity insurance
• Voluntary accident and critical illness insurance
• Short-term disability insurance
• Annual profit-sharing plan
• Discretionary performance bonus
• Paid parental leave
• Generous Paid Time Off (PTO), including holidays, vacation, and sick pay
• Flexible work hours

The pay range for this position is $160,000-200,000/ year. SciTec, Inc. considers several factors when extending an offer of employment, including but not limited to the role and associated responsibilities, a candidate's work experience, education/training, and key skills This is not a guarantee of compensation.

SciTec is proud to be an Equal Opportunity employer. VET/Disabled.