Cloud Cybersecurity Manager (CCM) (15.35)

Must be a U.S. Citizen Active Top Secret Clearance / Favorably Adjudicated Tier 5 Investigation Must be in the National Capital Region and available to support on-site as required Bachelor’s degree in computer science, IT, information systems, or cybersecurity 8+ years of experience in managing cybersecurity projects of $100M+ within a Cloud environment 8+ years of experience with NIST RMF, NIST SP 800-53, STIGs, SCAP, IAVAs, and FISMA Certified Information Systems Security Professional (CISSP), and relevant certifications in NIST RMF or ZTA 8+ years of experience analyzing, assessing, and implementing corrective actions based on vulnerability management and penetration testing 8+ years of experience supporting DoD defensive cyber operational activities Deep understanding of cloud operations and cybersecurity compliance within a DoD environment (e.g., AWS GovCloud, ZTA, NIST RMF) Expert knowledge of DoD CC SRG Impact Levels (IL) 2, 4, and 5. Demonstrated experience with cloud security postures in AWS GovCloud Experience managing large-scale Agile development teams and programs Possess one of the following certifications: CISM, CISSO, FITSP-M, GCIA, GCSA, GCIH, GSLC, GICSP, CISSP-ISSMP, or CISSP

Authoritative lead for all cybersecurity measures, compliance, and risk management within the agency’s Amazon Web Services (AWS) GovCloud environment. Ensure continuous compliance with all DoD and Federal security mandates, including the implementation of the Zero Trust Architecture (ZTA). Deliver comprehensive cybersecurity services to comply with DoD, Defense Information Systems Agency (DISA), U.S. Cyber Command, and agency directives. Provide National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) support. Implement advanced security architectures for predictive threat detection and response. Conduct vulnerability assessments. Manage Configuration Management (CM) and control. Maintain compliance with all cybersecurity policies. Provide continuous monitoring and reporting of security controls. Ensure compliance with the DoD Zero Trust Architecture (ZTA). Ensure the secure operation of the agency’s IT enterprise. Maintain the active Authorization to Operate (ATO) status, supporting DoD Cloud Computing Security Requirements Guide (CC SRG) Impact Level (IL) 2, IL4, and IL5 information system operations 24/7. Manage a team of up to 30 cybersecurity professionals.