Information Assurance Lead

Overview

Abacus Technology is seeking an Information Assurance Lead to oversee a team providing security and information assurance support for the Air Force Intranet Control (AFINC) III Support program at Maxwell AFB/Gunter Annex. This is a full-time position.

Responsibilities

• Lead, mentor, and supervise teams of Information System Security Officers (ISSOs) and ACAS administrators to ensure consistent execution of the Risk Management Framework (RMF).
• Assess the quality, accuracy, and completeness of ISSO work products to ensure alignment with Department of War security standards.
• Coordinate workflows between ISSOs and ACAS administrators to ensure vulnerability scan outputs are translated into actionable remediation tasks.
• Oversee deployment, configuration, and ongoing operation of the Assured Compliance Assessment Solution (ACAS) to maintain comprehensive network visibility.
• Review and validate ACAS scan results, ensuring findings are accurately categorized and prioritized based on mission impact.
• Ensure ACAS administrators maintain current plugin sets and comply with required scanning schedules and procedures.
• Lead the creation, review, and submission of RMF artifacts within eMASS, including System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms).
• Manage the timely production and delivery of Contract Data Requirements List (CDRL) cybersecurity deliverables in accordance with contract requirements.
• Maintain continuous accuracy and currency of all mission assurance documentation to reflect the system’s real‑time security posture.
• Oversee the transition of RMF artifacts into the continuous monitoring phase to support sustained Authorization to Operate (ATO) status.

Qualifications

5+ years experience in a cyber security or information assurance role including at least 3 years supporting the RMF. HS diploma or GED. Must be CISM or CISSP certified (or hold an equivalent certification in compliance with DoD 8140/8570 IAM II). Must hold the Certified in Governance, Risk and Compliance (CGRC) certification and have participated in training for DISA ACAS Supervisor and Operator and DISA Enterprise Mission Assurance Support Service (eMASS). Additional certifications such as CCNA or Microsoft Certified: Information Security Administrator Associate preferred. Experience with DoD cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. NIST SP 800 series, CNSSI 1253. Experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs. Experience in assessing and documenting test or analysis data to show cybersecurity compliance. Experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, Audit Tools, ESS, eMASS, PPS. Outstanding communication skills across all levels of the organization. Must be a US citizen and hold a current Top Secret clearance with SCI Access (TS/SCI).

Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.

EOE/M/F/Vet/Disabled