interactive Personnel Electronic Records Management System (iPERMS) is a secure net-centric information system that directly supports the Army’s military personnel records management mission in war, mobilization, and peace. iPERMS is the system of record and storage for the Army Military Human Resource Record (AMHRR) during the Soldier’s service and is the Records Management Application (RMA) for the Integrated Pay and Personnel System – Army (IPPS-A). The system supports over 317 million AMHRR documents and over 9.2M Soldier records for the Active Army, Army Reserve, Army National Guard, United States Coast Guard, retired, discharged, and deceased personnel. iPERMS is used by Army leaders, component and Federal agency human resource managers, component selection boards, various Federal agencies, and Soldiers worldwide.

By Light is looking for personnel to support Human Resource Command (HRC) with application sustainment and development support services, which includes software (SW) and hardware (HW) technology upgrades and enhancements. By Light will provide IT services to maintain, sustain, and enhance iPERMS and iPERMS-Secret IT systems, programs, applications, and databases vital to the management of the Army’s Active, Reserve, National Guard, and United States Coast Guard personnel, in peacetime and at war.

• Architects, designs, implements, maintains, and operates information system security controls and countermeasures.
• Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance.
• Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets and monitors for compliance.
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
• Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.
• Administers authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
• Analyzes trends, news and changes in threat and compliance environment with respect to  organizational risk.
• Advises organization management and develops and executes plans for compliance and mitigation of risk.
• Performs risk and compliance self-assessments and engages and coordinates third-party risk and compliance assessments.
• Analyzes and develops information security governance, including organizational policies, procedures, standards, baselines, and guidelines with respect to information security and use and operation of information systems.
• Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs.

• Education: Bachelors’ degree or 6 years of relevant experience
• Certification: CompTIA Security + and Command Assessment Program (CAP), Certified Information Security Manager (CISM), and/or Certified Information Systems Security Professional (CISSP).
• Must meet DoD 8570 ISSM (baseline certifications) appointment and Enterprise Mission Assurance Support Service (eMASS) management.

• Supported the U.S. Army or other DoD/Federal Agency.
• Has the communication skills to effectively interface with senior military officials, managers, and subordinates.

• U.S. Citizen
• Security Clearance: Secret