Sr. Information Assurance (IA) Team Lead

Position Title: Sr. Information Assurance (IA) Team Lead 

Location: Washington, DC

Clearance: Active DOE Q or TS/SCI

Salary: 175,000-200,000

Position Summary

The Senior Information Assurance (IA) Team Lead provides enterprise-level leadership and oversight of cybersecurity compliance operations across classified and unclassified environments. This role leads a team of Subject Matter Experts (SMEs), including Information System Security Officers (ISSOs), Information System Security Managers (ISSMs), and Authorizing Official Designated Representatives (AODRs). The IA Team Lead ensures the successful implementation of the Risk Management Framework (RMF) in accordance with NIST, CNSSI, FISMA, and DOE/NNSA-specific requirements including DOE Order 205.1C and the DOE CIO Risk Management Approach. The position requires deep knowledge of enclave operations, control inheritance, and continuous monitoring across complex mission systems.

Essential Duties & Responsibilities:

• Lead and mentor a cross-functional team responsible for IA/RMF execution across classified and unclassified systems.

• Oversee all RMF lifecycle activities: system categorization, control selection and tailoring, implementation, assessment, authorization, and continuous monitoring.

• Serve as the senior IA advisor to Authorizing Officials (AOs) and AODRs, supporting security posture decisions and acceptance of risk.

• Review and approve Information System Security Plans (ISSPs), Risk Assessments, POA&Ms, Security Baselines, and associated artifacts.

• Ensure compliance with federal cybersecurity frameworks including NIST SP 800-53, CNSSI 1253, FISMA, and DOE Order 205.1C.

• Coordinate internal readiness activities, assessments, and external audits, including Inspector General and GAO engagements.

• Support the implementation of continuous monitoring programs aligned with DOE’s Enterprise Continuous Monitoring Architecture (ECMA) and Cybersecurity Program Planning (CSPP) strategies.

• Lead quality assurance activities for Security Assessment Reports (SARs), vulnerability scan reviews, and monthly risk metrics.

• Contribute to cybersecurity policy governance, enterprise control inheritance models, and the development of crosswalks between NIST, CNSSI, and DOE-specific controls.

Education, Certification & Experience Requirements

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field.

• Minimum 7 years of experience in federal cybersecurity or risk management programs, including 3+ years in a lead or management capacity.

• Must possess a current CISSP, CISM, or equivalent DoD 8140/8570 IAM Level III certification.

• Experience supporting classified systems within DOE, NNSA, or DoD environments.

• Familiarity with governance tools such as Archer, Xacta, and scanning/assessment platforms like Tenable, ACAS, or Nessus.

• Experience with RMF implementation in hybrid (on-prem/cloud) architectures, including FedRAMP Moderate/High environments.

• Must be eligible for or currently hold a DOE clearance

Knowledge, Skills & Abilities:

• Proven leadership and team management skills in fast-paced, compliance-driven environments.

• Strong understanding of enclave boundary protection, data labeling, and control correlation identifiers (CCIs).

• Deep knowledge of federal cybersecurity frameworks (NIST SP 800-53, 800-37, CNSSI 1253, DOE CIO-1, FISMA).

• Strong analytical and communication skills with the ability to translate technical risks into executive-level briefings.

• Ability to manage multiple projects, shifting priorities, and geographically dispersed stakeholders

Working Conditions/Working Environment/Physical Demands

• Basic office work environment at government facility location

• Hours of operation are M-F between 0600-1800.

• Occasionally, project requirements may require temporary adjustment of work hours/days

• Duties are subject to change based on the needs of the customer

• This is an onsite position

#ClearanceJobs

Command Cyber Solutions LLC is an equal opportunity employer. Command Cyber Solutions LLC does not discriminate in employment opportunities or practices on the basis of race, color, religion, sex, national origin, age, disability, marital status or any other characteristic protected by law.