Information Assurance (IA) Manager

Everforth ECS is seeking a seasoned Information Assurance (IA) Manager to oversee IA support activities for federal clients. This role requires deep experience managing information systems security compliance, A&A package management, and continuous monitoring in support of DoD and Marine Corps programs

Information Assurance & Compliance

• Oversee support of IA activities for assigned federal clients, including management and accurate reporting of OPDRS and related security tracking systems.
• Ensure full compliance with USMC security requirements pursuant to DoDD 5200.2, DoDI 8500.2, and DoD 8570.01-M.
• Advise Program Managers and ISSMs on all 18 NIST security control families, including PHI and PII overlays.
• Implement and maintain the DoD IA Risk Management Framework (DIARMF) in accordance with NIST requirements.

A&A Package & Authorization Management

• Direct self-assessments and conduct IV&V activities as a certified Marine Corps Validator.
• Maintain ATO package currency, including MCCA packages within MCCAST, covering Ports, Protocols, and Services (PPS) updates.
• Manage A&A packages and provide certification recommendations to the Authorizing Official (AO).

Continuous Monitoring & Vulnerability Management

• Conduct and manage Information Systems Continuous Monitoring (ISCM) planning and implementation.
• Perform vulnerability scanning using ACAS, Retina, and SCAP; develop, submit, and track POA&Ms.
• Track and report on IAVA/IAVB compliance and remediation.
• Supervise security tool operations including eMASS, F5, and ACAS Security Center.

Risk Analysis & Cyber Security Assessments

• Provide and maintain Risk Analysis and Management documentation.
• Conduct IS environment cyber security assessments as required by DoD policy and regulations.
• Coordinate with internal and external entities, including penetration testing teams such as MFCC and CPT.

Policy & Incident Response

• Maintain and annually revaluate internal Cyber Security Policy and Standard Operating Procedures (SOPs).
• Write and maintain policy documentation addressing DIARMF security controls, System Security Plans (SSPs), and SOPs.
• Coordinate Annual Reviews for Contingency Planning and Incident Response.
• Investigate and respond to security incidents; conduct weekly IA briefings for new personnel.

Access & Personnel Security

• Ensure all personnel complete required System Authorization Access Reports (SAAR), DD Form 2875 prior to system access.
• Deny system access to any personnel who do not hold proper and current IA certifications.
• Ensure compliance with non-disclosure requirements in accordance with DoDI 8582.01.