Mgr - Information Assurance
Company Name:
AmerisourceBergen Atlanta
## Description
POSITION
Summary:
Under general direction of the Director, Integration Engineering, the Information Assurance Manager (IAM) is the primary technical resource responsible for developing, implementing, documenting, coordinating and monitoring all aspects of ABTG's efforts to attain accreditation and maintaining ongoing compliance with client Information Assurance (IA) programs such as Defense Information Assurance Certification & Accreditation (DIACAP) and other similar initiatives in both government and the private sector.
Due to the nature of the position, candidate must pass and maintain a government background check and meet all levels of relevant requirements for system and facility access.
PRIMARY DUTIES AND
Responsibilities:
1. Act as the primary ABTG Subject Matter Expert and technical advisor for all aspects of IA. Operate as the liaison between ABTG and potential or existing customers regarding data security, system and infrastructure security policies.
2. Identify and understand criteria used to determine applicability of Government C&A;/RMF processes.
3. Function as primary IA point of contact for clients, internal associates and consultant partners. Provide guidance to internal teams for IA-related issues.
4. Develop and maintain a corporate-level IA program that identifies the IA architecture, requirements, objectives, policies, personnel, processes, and procedures to ensure compliance with relevant standards.
5. Maintain IA oversight of all ABTG accredited systems. Responsible for coordinating all ABTG deliverables associated with IA sustainment of accredited systems (patch testing, patch deployment, reporting, etc.) and ensuring all tasks are executed and complete within the required timeframe.
6. Monitor implementation and support activities associated with ABTG accredited systems to ensure that IA posture or STIG compliance is not compromised.
7. Provide regular updates regarding compliance status of accredited systems to ABTG stakeholders.
8. Handle all compliance reporting, correspondence, inspections, audits and inquiries.
9. Maintain oversight of ABTG secure access connections such as B2B. Establish and ensures ongoing viability of connectivity & user credentials.
10. Maintain oversight of ABTG vendor partners performing IA-related functions and ensures timely execution of all deliverables. Track activity and provide regular updates on vendor performance.
11. Identify and correlate C&A;/RMF efforts with ABTG systems engineering development to maintain uninterrupted ATO/ATC status.
12. Coordinate all ABTG deliverables for C&A; approval process events (i.e. Collaboration Meetings, package reviews, etc.).
13. Ensure that IA certification documentation is developed and maintained for defined systems according to current C&A; guidance.
14. Review and endorse all IS accreditation or certification support documentation packages for the defined systems.
15. Maintain a repository for all C&A; documentation and modifications pertaining to all accredited ABTG installations.
16. Ensure that responses to IA-related alerts are coordinated and reported.
17. Conduct and/or coordinate IA-related training for ABTG associates.
18. Establish and promote the maintenance of a safe, and incident free healthy work environment.
19. Performs related duties as assigned.
20. May require periodic travel up to but not limited to 25%.
## Qualifications
EXPERIENCE AND EDUCATIONAL REQUIREMENTS:
Requires broad training in fields such as business administration, accountancy, sales, marketing, computer sciences or similar vocations generally obtained through completion of a four year bachelor's degree program or equivalent combination of experience and education; normally requires a minimum of ten (10) years directly related and progressively responsible experience.
Industry recognized Information Security certifications such as the CISSP, CISSP-ISSEP, GSLC required.
Direct experience executing all C&A; related tasks for both branch specific and joint accreditation efforts.
Proven, expert knowledge with C&A; and IA related issues specific to medical devices and their deployment in controlled operational environments.
Broad experience of challenges faced by commercial solution/product providers integrating their solutions into DoD computing environments.
Prior experience developing comprehensive C&A; and IA solutions across all DoD branches (USA, USAF, USN, USMC).
Experience and hands on knowledge of integration with DoD enterprise solutions (i.e. HBSS, DOD-PKI, WSUS, etc).
Experience creating and maintaining relationships between ABTG, third party vendors, government customers and outside agencies.
IA manager will maintain broad and in-depth knowledge of all technologies employed in ABTG solutions and will possess a strong understanding of potential impacts integrating these technologies into DoD environments.
Ability to review and assess output from DoD automated scanning tools (i.e. Retina, Nessus, SCAP) and prioritize fix/response plans, ability to develop not only DoD system POA&Ms;, but internal use only POA&Ms.;
Robust experience developing compliance sustainment and RMF/mitigation strategies.
Experience developing long term strategies for commercial solution providers to enable ABTG to properly allocate development resources and to exploit competitive advantages of offering accredited solutions.
Comfortable with direct communications with senior ABTG and customer leadership.
MINIMUM SKILLS, KNOWLEDGE AND ABILITY REQUIREMENTS:
1. Detailed understanding of IT and networked system architecture and design concepts
2. Detailed understanding of Windows operating systems, as well as general knowledge of Oracle and SQL databases
3. Expert understanding of current Information Assurance concepts
4. Understanding of military medicine, pharmacy & IT organizational structure, military rank system, and communication protocol
5. Good understanding of all ABTG product platforms
6. Knowledge of Federal, State and local regulatory agencies
7. Ability to communicate effectively both orally and in writing
8. Ability to work well under pressure, meeting multiple deadlines
9. Ability to work independently with minimum supervision
10. Effective presentation and training skills
11. Strong interpersonal skills; able to effectively interact with all internal functional disciplines as well as client personnel
12. Strong leadership and team building skills
13. Highly motivated and self-disciplined
14. Effective negotiation skills
15. Strong organizational skills; attention to detail
16. Strong project management skills
17. Good analytical skills
18. Ability to follow and interpret continually evolving IA requirements and changes
19. Ability to learn and understand government & military acronyms
20. Ability to implement processes resulting in satisfactory audit practices
21. Strong decision making skills
22. Excellent problem solving skills; ability to resolve issues effectively and efficiently
23. Working knowledge of Microsoft Office Suite
24. Must clear initial government background check and comply with ongoing security requirements for government system access including, but not limited to, those required for issuance of DoD-sponsored Common Access Card (CAC)
Organization: AutoMed
Job: Information Assurance Manager(11M125)
Schedule: Full-time
Primary Location: United States-Illinois-Buffalo Grove
Req ID: 000014VCEstimated Salary: $20 to $28 per hour based on qualifications.
AmerisourceBergen Atlanta
## Description
POSITION
Summary:
Under general direction of the Director, Integration Engineering, the Information Assurance Manager (IAM) is the primary technical resource responsible for developing, implementing, documenting, coordinating and monitoring all aspects of ABTG's efforts to attain accreditation and maintaining ongoing compliance with client Information Assurance (IA) programs such as Defense Information Assurance Certification & Accreditation (DIACAP) and other similar initiatives in both government and the private sector.
Due to the nature of the position, candidate must pass and maintain a government background check and meet all levels of relevant requirements for system and facility access.
PRIMARY DUTIES AND
Responsibilities:
1. Act as the primary ABTG Subject Matter Expert and technical advisor for all aspects of IA. Operate as the liaison between ABTG and potential or existing customers regarding data security, system and infrastructure security policies.
2. Identify and understand criteria used to determine applicability of Government C&A;/RMF processes.
3. Function as primary IA point of contact for clients, internal associates and consultant partners. Provide guidance to internal teams for IA-related issues.
4. Develop and maintain a corporate-level IA program that identifies the IA architecture, requirements, objectives, policies, personnel, processes, and procedures to ensure compliance with relevant standards.
5. Maintain IA oversight of all ABTG accredited systems. Responsible for coordinating all ABTG deliverables associated with IA sustainment of accredited systems (patch testing, patch deployment, reporting, etc.) and ensuring all tasks are executed and complete within the required timeframe.
6. Monitor implementation and support activities associated with ABTG accredited systems to ensure that IA posture or STIG compliance is not compromised.
7. Provide regular updates regarding compliance status of accredited systems to ABTG stakeholders.
8. Handle all compliance reporting, correspondence, inspections, audits and inquiries.
9. Maintain oversight of ABTG secure access connections such as B2B. Establish and ensures ongoing viability of connectivity & user credentials.
10. Maintain oversight of ABTG vendor partners performing IA-related functions and ensures timely execution of all deliverables. Track activity and provide regular updates on vendor performance.
11. Identify and correlate C&A;/RMF efforts with ABTG systems engineering development to maintain uninterrupted ATO/ATC status.
12. Coordinate all ABTG deliverables for C&A; approval process events (i.e. Collaboration Meetings, package reviews, etc.).
13. Ensure that IA certification documentation is developed and maintained for defined systems according to current C&A; guidance.
14. Review and endorse all IS accreditation or certification support documentation packages for the defined systems.
15. Maintain a repository for all C&A; documentation and modifications pertaining to all accredited ABTG installations.
16. Ensure that responses to IA-related alerts are coordinated and reported.
17. Conduct and/or coordinate IA-related training for ABTG associates.
18. Establish and promote the maintenance of a safe, and incident free healthy work environment.
19. Performs related duties as assigned.
20. May require periodic travel up to but not limited to 25%.
## Qualifications
EXPERIENCE AND EDUCATIONAL REQUIREMENTS:
Requires broad training in fields such as business administration, accountancy, sales, marketing, computer sciences or similar vocations generally obtained through completion of a four year bachelor's degree program or equivalent combination of experience and education; normally requires a minimum of ten (10) years directly related and progressively responsible experience.
Industry recognized Information Security certifications such as the CISSP, CISSP-ISSEP, GSLC required.
Direct experience executing all C&A; related tasks for both branch specific and joint accreditation efforts.
Proven, expert knowledge with C&A; and IA related issues specific to medical devices and their deployment in controlled operational environments.
Broad experience of challenges faced by commercial solution/product providers integrating their solutions into DoD computing environments.
Prior experience developing comprehensive C&A; and IA solutions across all DoD branches (USA, USAF, USN, USMC).
Experience and hands on knowledge of integration with DoD enterprise solutions (i.e. HBSS, DOD-PKI, WSUS, etc).
Experience creating and maintaining relationships between ABTG, third party vendors, government customers and outside agencies.
IA manager will maintain broad and in-depth knowledge of all technologies employed in ABTG solutions and will possess a strong understanding of potential impacts integrating these technologies into DoD environments.
Ability to review and assess output from DoD automated scanning tools (i.e. Retina, Nessus, SCAP) and prioritize fix/response plans, ability to develop not only DoD system POA&Ms;, but internal use only POA&Ms.;
Robust experience developing compliance sustainment and RMF/mitigation strategies.
Experience developing long term strategies for commercial solution providers to enable ABTG to properly allocate development resources and to exploit competitive advantages of offering accredited solutions.
Comfortable with direct communications with senior ABTG and customer leadership.
MINIMUM SKILLS, KNOWLEDGE AND ABILITY REQUIREMENTS:
1. Detailed understanding of IT and networked system architecture and design concepts
2. Detailed understanding of Windows operating systems, as well as general knowledge of Oracle and SQL databases
3. Expert understanding of current Information Assurance concepts
4. Understanding of military medicine, pharmacy & IT organizational structure, military rank system, and communication protocol
5. Good understanding of all ABTG product platforms
6. Knowledge of Federal, State and local regulatory agencies
7. Ability to communicate effectively both orally and in writing
8. Ability to work well under pressure, meeting multiple deadlines
9. Ability to work independently with minimum supervision
10. Effective presentation and training skills
11. Strong interpersonal skills; able to effectively interact with all internal functional disciplines as well as client personnel
12. Strong leadership and team building skills
13. Highly motivated and self-disciplined
14. Effective negotiation skills
15. Strong organizational skills; attention to detail
16. Strong project management skills
17. Good analytical skills
18. Ability to follow and interpret continually evolving IA requirements and changes
19. Ability to learn and understand government & military acronyms
20. Ability to implement processes resulting in satisfactory audit practices
21. Strong decision making skills
22. Excellent problem solving skills; ability to resolve issues effectively and efficiently
23. Working knowledge of Microsoft Office Suite
24. Must clear initial government background check and comply with ongoing security requirements for government system access including, but not limited to, those required for issuance of DoD-sponsored Common Access Card (CAC)
Organization: AutoMed
Job: Information Assurance Manager(11M125)
Schedule: Full-time
Primary Location: United States-Illinois-Buffalo Grove
Req ID: 000014VCEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
