Posted at: 13 January

DOW - Information Assurance Manager

Company

cFocus Software Incorporated

cFocus Software is a Largo, Maryland-based B2G SaaS provider specializing in cybersecurity solutions and compliance automation for federal government agencies, including the DoD.

Remote Hiring Policy:

cFocus Software supports remote work for certain roles and is hiring from various locations within the United States, including Washington, DC. Team members may work remotely, but compliance as a federal contractor suggests a focus on U.S. candidates.

Job Type

Full-time

Allowed Applicant Locations

United States

Salary

$100,000 to $150,000 per year

Job Description

cFocus Software seeks an Information Assurance Manager to join our program supporting the Department of Defense (DoD). This position is remote. This position requires the ability to obtain a Public Trust clearance.
Qualifications:
  • Bachelor’s degree in Cybersecurity, Information Assurance, Information Technology, or a related field.
  • 10+ years of experience supporting information assurance and cybersecurity for DoD or federal systems.
  • Demonstrated experience managing RMF processes and maintaining ATOs.
  • Strong knowledge of DoD cybersecurity policies and frameworks.
  • Experience leading vulnerability management and compliance initiatives.
  • Strong leadership, communication, and documentation skills.
  • Ability to obtain and maintain a DoD CAC and required background investigation.
Duties:
  • Serve as the lead Information Assurance authority for the DSAID program.
  • Manage and oversee RMF lifecycle activities, including ATO maintenance and reauthorization.
  • Develop, maintain, and govern cybersecurity and information assurance policies, procedures, and plans.
  • Ensure compliance with NIST SP 800-53, NIST SP 800-171, and DoD cybersecurity requirements.
  • Oversee development and maintenance of System Security Plans (SSP), Security Assessment Reports (SAR), and POA&Ms.
  • Coordinate vulnerability management, STIG compliance, and continuous monitoring activities.
  • Provide cybersecurity risk assessments and recommendations to Government stakeholders.
  • Ensure integration of security controls into system architecture, development, and operational processes.
  • Coordinate with Cyber Security Engineers, Cloud Architects, Developers, and System Owners.
  • Support cybersecurity incident response, reporting, and remediation efforts.
  • Ensure compliance with Privacy Act, data protection, and records management requirements.
  • Support audits, inspections, and security reviews conducted by Government oversight bodies.
  • Participate in technical reviews, governance boards, and Government meetings.
  • Support transition-in, sustainment, and modernization activities with a focus on security continuity.