Information Security Assurance Lead Security Clearance

Position: Information Security Assurance Lead with Security Clearance
Job Description The Information Security Assurance Lead serves as the senior technical and management authority for Information Assurance (IA) and cybersecurity compliance efforts. This role provides expert-level oversight across Assessment & Authorization (A&A), Risk Management Framework (RMF), FISMA compliance, FISCAM audits, and overall IT security posture. The Lead is responsible for supervising IA personnel, coordinating security activities with stakeholders, and ensuring systems maintain Authority to Operate (ATO) and Authority to Connect (ATC).

This position requires deep technical acumen, leadership capabilities, and hands-on experience developing, maintaining, and governing enterprise-level security programs within Federal environments. Key Tasks & Responsibilities
* Leadership

* Serve as the Team Lead, providing daily task direction, technical guidance, scheduling, and performance oversight for IA personnel.

* Maintain expertise in emerging cybersecurity technologies, policies, and federal compliance standards.

* Lead the planning, initiation, and execution of IT security projects, ensuring adherence to scope, deadlines, and cost targets.

* Act as liaison between technical teams, program leadership, auditors, and Government stakeholders.

* Provide advanced documentation development including installation guides, SOPs, troubleshooting procedures, vulnerability management reports, and configuration standards.

* Provide expert-level technical and management leadership on complex cybersecurity tasks and programs.

* Develop and implement security strategies supporting mission objectives and enterprise risk posture.

* Direct major activities related to financial management, staffing, and security compliance.

* Conduct strategic analysis, evaluations, and recommendations to improve system security, efficiency, and compliance.

* Lead studies, surveys, data analysis, and problem identification initiatives, providing actionable recommendations to the Government.

* Risk Management Framework (RMF)/Assessment & Authorization (A&A)

* Perform and manage all RMF steps to obtain and sustain ATO/ATC for systems in compliance with DoD and DIA requirements.

* Conduct periodic security assessments in accordance with DoD RMF, FISMA, and JWICS-related requirements.

* Develop and maintain all required RMF artifacts, including:

* Security Categorization

* System Security Plan (SSP)

* Control Validation/Implementation documentation

* Implementation Plan

* Plan of Action and Milestones (POA&M)

* Acceptance of Risk (AOR)

* Security Override Letter (SOL)

* RMF package and Scorecard

* Deliverables

* Standard Operating Procedures (SOPs)

* Incident Response Plan (IRP)

* Continuity of Operations Plan (COOP)

* Configuration Management Plan (CMP)

* Appointment memos

* DD2875s

* Current ATO, ATC, and ATO with Conditions

* Network diagrams and supporting technical documents
eMASS Responsibilities
* Maintain system records in eMASS in accordance with DoD RMF and FISMA requirements.

* Ensure all required artifacts, test results, and compliance actions are accurately entered into eMASS.

* Coordinate with the CIO Validator for all RMF actions and approvals.

* Maintain and track the ATO Status Process Calendar, ensuring all action items meet required compliance dates.
FISMA Compliance
* Perform annual control testing, evidence collection, and compliance analysis.

* Support internal and external FISMA reviews and assessments.
FISCAM Audit Support
* Document and validate IT general controls applicable to the CCE infrastructure.

* Support FISCAM audits and self-assessments; test and record results of annual IT general controls testing.

* Update and enhance process documentation to address deficiencies identified during audits.
Security Monitoring & Protection
* Plan, implement, upgrade, and monitor security controls to protect information systems and data.

* Ensure appropriate safeguards are in place to protect digital assets and infrastructure.

* Respond to security incidents, breaches, and vulnerabilities in accordance with approved procedures.

* Coordinate mitigation strategies for all non-compliance issues. Desired Skills and Experience
* Expertise in federal cybersecurity frameworks including RMF, FISMA, NIST 800-series, and FISCAM.

* Experience working with DoD, DIA, or IC security compliance programs.

* Strong leadership skills and experience managing technical cybersecurity teams.

* Excellent written and verbal communication skills for technical documentation and stakeholder engagement.

* Proficiency with eMASS, vulnerability management platforms, configuration management tools, and audit tracking systems. Education & Experience
* Minimum Education

* Bachelor's degree in a related field required.

* Minimum General Experience

* Ten (10) years of experience in Information Technology.

* At least eight (8) years of experience as a Security Administrator or in a similar technical role, or a closely related IT discipline involving oversight of large, complex, multi-site programs.…