Assessment & Authorization Lead

Support the Department of Veterans Affairs (VA) Electronic Health Record Modernization Integration Office (EHRM-IO) program as the Assessment & Authorization Lead.

• Lead and manage a matrixed team to coordinate efforts across multiple organizations (DHA, DHMSM and VA).
• Interface with System Owners, System Stewards, Office of Information Security (OIS), Office of Information Technology, Product Owners, vendor project managers, and other stakeholders to manage JCOIC-driven tasks and responsibilities for systems that require cybersecurity review
• Provide Director and Executive-level reporting on all system packages submitted to JCOIC for review; and prepare ad-hoc briefings for leadership
• Enhance the A&A review process to streamline and automate manual steps
• Manage a technical team of cyber security professionals and provide mentorship and leadership
• Manage and resolve escalated issues and risks raised by the team
• Provide tactical leadership to personnel by delegating and monitoring technical and project-related tasks, provide constructive feedback to personnel, and work closely with team leads on personnel issues.
• Conduct technical reviews, validate modifications against the DISA CAL, work with and consult with ISSOs and system owners, and work across various departments and organizations (e.g., VA, DHA, DISA, etc.).
• Work collaboratively with Cybersecurity and IAM Oversight Technical Lead to manage the team and drive the Cyber Strategy for the Program

Minimum Qualifications

• Bachelor’s Degree in Information Assurance, Computer Science, or related field.
• 6-8 years of experience with 2-5 years of management experience

Other Job Specific Skills

• Must have experience writing policy, performing vulnerability testing and operating system hardening along with demonstrated leadership skills including organizing, planning, scheduling and coordinating workloads to meet established deadlines.
• Familiarity with security industry standards (ISO 17799, NIST 800 series, etc.)
• Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing.
• Demonstrated ability to write business and technical reports and to participate in presentations.
• Possess a thorough understanding of technical interface requirements and processes.
• Strong interpersonal skills to effectively interface with all levels of employees, management and outside representatives.
• Ability to resolve complex and diverse technical and management issues.
• Must demonstrate a detailed and comprehensive knowledge and understanding of data security principles, theories, regulations and practices.

Compensation Ranges

Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

EEO Requirements

It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.

All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.

Physical Requirements

The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.

Disclaimer

The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.