Applied Research Solutions is seeking a Cybersecurity SME located at Lackland AFB

Why Work with us ?

Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers.

Responsibilities include:

• The Cybersecurity Subject Matter Expert (SME) serves as an Information System Security Manager (ISSM) and acts as technical advisors to Authorizing Officials (AOs)
• Primary responsible for maintaining the overall security posture of the systems within their organization, and are accountable for the implementation of Department of Defense (DoD) 8510.01.
• Responsibilities include, but are not limited to:
  • DoD 8570 compliant IAM Level III certification, such as the GIAC (Global Information Assurance Certification) Security Leadership Certification (GSLC), Certified Information Security Manager (CISM) and/or Certified Information Systems Security Professional (CISSP) is required.
  • Support implementation of the Risk Management Framework (RMF).
  • Perform the ISSM duties as outlined in Department of Defense Instruction (DoDI) 8510.01 and DoDI 8500.01 for assigned systems/applications.
  • Develop and maintain a formal Information Systems (ISs) security program and policies for their assigned area of responsibility.
  • Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., RMF).
  • Ensure proper measures are taken when an IS incident or vulnerability is discovered.
  • Maintain and report IS and Platform Information Technology (PIT) systems assessment and authorization status and issues in accordance with DoD Component guidance.
  • Provide direction to the ISSO in accordance with DoDI 8500.01.
  • Ensure that ISSOs are appointed in writing and provide oversight to ensure they are following established cybersecurity policies and procedures.
  • Coordinate with the organization's security manager to ensure issues affecting the organization's overall security are addressed appropriately.
  • Ensure that Information Owners (IOs) and stewards associated with DoD information received, processed, stored, displayed, or transmitted on each DoD IS and PIT system are identified in order to establish accountability, access approvals, and special handling requirements.
  • Maintain a repository for all organizational or system-level cybersecurity-related documentation.
  • Monitor compliance with cybersecurity policy, as appropriate, and review the results of such monitoring.
  • Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.
  • Ensure implementation of IS security measures and procedures including reporting incidents to the AO and appropriate reporting chains, and coordinating system-level responses to unauthorized disclosures in accordance with DoD Manual 5200.01, Volume 3 for classified information or DoD Manual 5200.01, Volume 4 for Controlled Unclassified Information (CUI), respectively
  • Ensure handling of possible or actual data spills of classified information resident in ISs, are conducted in accordance with DoD 5200.01, Volume 3.
  • Act as the primary cybersecurity technical advisor to the AO for DoD IS and PIT systems under their purview.
  • Ensure that cybersecurity-related events or configuration changes that may impact DoD IS and PIT systems authorization or security posture are formally reported to the AO and other affected parties, such as IOs and stewards and AOs of interconnected DoD ISs.
  • Ensure the secure configuration and approval of IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to a DoD IS or PIT system.
  • Ensure that ISSOs author, monitor, and record system information in applicable databases. Prepare and record system, security status, and portfolio management information into the Enterprise Information Technology Data Repository (EITDR) for Federal Information Security Management Act (FISMA); Security, Interoperability, Supportability, Sustainability, Usability (SISSU); Clinger Cohen Act; and other statutory compliance.
  • Author, review, certify, and/or maintain information awareness (IA) and security management plans to include RMF Implementation Plans, System Security Management Plans, Information Support Plans, Program Protection Plans (PPPs), Security Risk Analyses, Security Vulnerability and Countermeasure Analyses, Security Concepts of Operations, Operational Security (OPSEC) Plans, and other system/network security related documents.
  • Perform ISSM/ISSO duties as outlined in DoDI 8510.01 for assigned systems/applications.
  • Other duties as assigned

Qualifications/ Technical Experience Requirements:

• Must be US Citizen
• 15 years of general work experience, 10 years of which must be in cybersecurity.
• Master's degree in Science or Engineering
• Active Top Secret Clearance
• Applicable DoD 8570.01 compliant certification
• Risk Management Framework (RMF)

All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check.

This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.

This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.