By Light Professional IT Services (By Light) are leading providers of innovative Information Technology (IT) services and communications support to the Department of Defense and Federal Agencies. By Light is looking for personnel to support the Network Enterprise Technology Command (NETCOM) to successfully perform its core Army mission of providing Department of Defense Information Network (DoDIN) Army (DoDIN-A) operations and defense worldwide to all Army customers. Support includes IT Services that cover all aspects and activities required to Operate and Maintain (O&M) the transformed and consolidated Army Infostructure at the enterprise level and support the Department of Defense Information Network – Army (DoDIN-A) Operations, Enterprise System Management, and Operational Engineering.

• Assist the Government in performing site-specific risk mitigation and document all changes in system documentation and technical guidance.
• Identify and configure security remediation measures consistent with STIG/SRG, Information Assurance (IA) Vulnerability Management (IAVM), test to validate, and update within all system documentation and Plan of Action and Milestones (POA&M).
• Analyze system input/output processes and working parameters for hardware/software compatibility and interoperability, and document results in system documentation, technical documentation, and test reports and results, and eMASS.
• Provide enterprise compliance analysis, compliance assessments of network and system devices, network and system applications, and network and system operating systems.
• Maintain situational awareness of cyber incidents, health, performance, availability, and reliability of the DoDIN-A.
• Draft Cyber Tasking Order (CTO) POA&M mitigations that delineate the defense in depth measures taken to reduce the risk to the Army DoDIN, data, and customers, meeting all CTO remediation suspense dates.
• Develop key performing indicators (KPI) and analysis reports to determine process effectiveness and residual risks.
• Complete and upload into eMASS vulnerability scans using ACAS, and compliance scans (SCAP).
• Develop artifacts in support of system ATOs.
• Update the eMASS POA&M for each capability.
• Verify all POA&M entries meet security engineering intent to reduce risk to the DoDIN-A, Army data, and Army customers.
• Verify all remediation target dates meet RMF guidelines and are achievable and technically feasible.
• Draft remediation guidance and documentation related to system and service interruption.
• Performs other cyber operations tasks as required.

• Master’s degree in business administration, economics, computer science, engineering, or relevant degree.
• Minimum of Ten (10) years of relevant cyber security or information assurance experience.
• Certifications: IAM II CASP CE, or CAP, or CISM, or CISSP
• Must be located within a 60-mile radius of Fort Huachuca, AZ.
• Demonstrated ability to interface with management and brief senior leadership on status of program status and risks (both technical and programmatic).

• Prior experience and close interaction and coordination with United States Cyber Command (USCYBERCOM), Army Cyber Command (ARCYBER), Headquarters Department of the Army (HQDA) G-6, and Army Chief Information Officer (CIO).
• Has an in-depth understanding of DoDIN-A operations and defense to Army customers.
• Has the communication skills to effectively interface with senior military officials, managers, and subordinates.

• Security Clearance: Top Secret/SCI eligibility.