HBSS Lead (IMC00480)

The HBSS lead is responsible for all areas of IT cybersecurity and in assisting the Army National Guard (ARNG) National Capital Region (NCR) in managing the risk of operating a network including the Command Cyber Readiness Inspection (CCRI) and Certification and Accreditation (C&A) support and tracking.

Responsibilities: The position will include, but is not limited to, the following tasks:

• Support physical, personnel, facility, information systems, through policies and controls in accordance with Army Regulations, Department of Defense (DoD) Directives and Instructions. 
• Manage information security risks and report findings to the Government. 
• Develop and maintain an OPSEC Standing Operating Procedure (SOP)/Plan. 
• Maintain ARNG NCR IT infrastructure in a manner compliant with Federal Information Security Management Act (FISMA), DoD Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) guidance. 
• Ensure appropriate Secure Technical Implementation Guidelines (STIG) are maintained.
• Review Host Based Security Solution (HBSS) and Tanium reports for end point security compliance. Remediate identified vulnerabilities as required.
• Report ARNG NCR security compliance to higher level authorities and/or reporting structures.
• Maintain the Information Security Plan.
• Support and validate access requests (SAAR) for ARNG NCR network access and managed services through service operations.
• Provide consultation on cybersecurity perspectives for proposed changes, initiatives, and projects.
• Maintain and draft memorandums for record, system interconnection agreement, and/or equivalent to document all system connections to ARNG NCR networks.
• Support Incident Response activities as required.
• Support C&A activities including:
  • Support the ARNG NCR and maintain Authority to Connect (ATC) and Authority to Operate (ATO).
  • Test the security technical controls for the ARNG NCR DOIM LAN via HBSS.
  • Conduct an internal review and execute all checks and tests in accordance with RMF.
  • Act as the HBSS Lead for the NCR’s LAN managing all HBSS requirements for SIPR and NIPR requirements. 
• Support the CCRI process including:
  • Ensure ARNG NCR compliance with all applicable CCRI requirements (e.g. Technical, CND Directives, Contributing Factors, etc.). Report status, findings, and results.
  • Provide support to the CCRI assessment team during scheduled and unscheduled inspections.
  • Track CCRI findings through POA&Ms and report status during MPSRs.
  • Support post-CCRI finding remediation. Assist with the planning, execution, and documentation of CCRI finding remediation activities.

Basic Required Qualifications and Skills: Note: These are mandatory items that all candidates must have when making application to IMC for this position. Please ensure that your submission addresses each of these requirement items. Candidates without these required elements will not be considered.

• At start date, must possess current Information Assurance Technical (IAT) Level II certification – in ACTIVE status.
  • Security+ CE
  • CySA+ (formerly CSA+)
  • GSEC
  • SSCP
  • CCNA Security
  • GICSP
  • CND
• 7+ years cybersecurity experience (preferably working directly with the Army).
• 5+ years knowledge of DoD and Army cybersecurity policy.
• 5+ years of managing HBSS requirements, i.e., implementation, deployment of endpoint modules, quarantine support, etc.
• Proven ability to prioritize, self-direct, and execute at velocity.
• Solid communication skills with both technical and non-technical stakeholders.
• Ability to communicate proficiently (both verbally and in written form) to senior officials and stakeholders.
• Due to a customer requirement, as a condition of employment for this position, the successful candidate will be required to obtain and provide proof of COVID-19 vaccination prior to commencing employment.
• Pursuant to a government contract, this specific position requires U.S. Citizenship.
• All applicants must have current DoD TOP SECRET clearance eligibility day one and prior to entry on duty.

Desired Qualifications and Skills: It is desirable that the candidate has the following qualifications:

• At start date, possess current Information Assurance Technical (IAT) Level III certification – in ACTIVE status.
• 7+ years cybersecurity experience working directly with the Army.
• Current ITIL 4 Foundation certification.
• Experience managing and using the cyber tools used at the ARNG NCR.
• A relevant educational degree in one of the following fields: Computer Science, Information Systems, IT, Cybersecurity, Statistics, Business Administration, Systems Engineering, Computation Science, Computer Engineering, Electrical Engineering, Data Analytics, Information Security and Assurance, Mathematics, Software Engineering, Systems Engineering, or Telecommunications.