Skip to main content

 Go backto Jobs

IAM – Journeyman (DoD Top Secret)
R6289Network security engineering

It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business.


The IAM – Journeyman supports the Department of Defense (DoD) ACAS capability which scans an estimated 11 million devices on the DoD Information Network (DoDIN) for potential vulnerabilities that may affect the DoD security postures.  This position serves as the Assessment and Authorization (A&A) Lead.   This position performs security engineering to the Government and supports A&A activities for test and productions systems to maintain compliance with DoD 8500 series publication, Federal Information processing Standards, and National Institute of Standards and Technology (NIST) Special Publications on both NIPRNET and SIPRNET.


Must have an active Top Secret/Sensitive Compartmented Information (TS/SCI) Security Clearance which requires U.S. citizenship. 

Essential Duties and responsibilities include the following.  Other duties may be assigned.

Obtains and applies patches to all assets affected by open findings.

Coordinates with the Government-specified A&A team to remediate security defects on any open findings on the test and production systems in a timely manner.

Supports Information Systems Security Manager (ISSM) team in collecting information and answering DTO and OPORD

Provides the Ports, Protocols and Service Management (PPSM) information for ACAS and assist the ISSM with submitting the information to the Government PPSM system of record.

Performs preparation of the necessary accreditation documentation, to include a System Security Plan to describe the protection and sustainment of the Cyber Security requirements to comply with applicable Security Controls of the ACAS capabilities.

Performs preparation of the accreditation packages that show the certification status of the system in the Government-furnished format, to include change request forms and supporting documentation for major change management activities.

Ensures that the accreditation package(s) contains accurate information and is maintained in a current status, to include updates to the implementation plan.

Performs all the required A&A data entry and artifact submissions to the unclassified and classified Enterprise Mission Assurance Support Service (eMASS) and DISA Requirements Task System (RTS).

Maintains the Lifecycle A&A Plan that addresses the process, procedures, and timing of A&A activities for new software and software updates/upgrades across the anticipated lifecycle of the product(s), including but not limited to:

  • Plans of Action and Milestones (POA&M) development
  • Mitigation strategy for findings that cannot be fixed immediately
  • All current and future required accreditation documentation for the Risk Management Framework (RMF)
  • Registration information (shall be within required documents above)
  • Information Assurance Vulnerability Alert (IAVA) review and compliance

Performs assessments for all STIG and IAVAs in the agreed upon format and medium and submit a written STIG/IAVA compliance report of all discrepancies.

Provides a System POA&M, in accordance with the DISA AO Vulnerability Management Policy, for any open STIG or IAVA that requires further research and testing

Maintains and updates an SRG for the ACAS capability, which includes STIGs or system configurations that cannot be implemented until the capability is implemented at the operational site.

Updates and maintains a Continuity of Operations (COOP) and Information System Contingency Plan (ISCP) for the ACAS capability.

Conducts an annual exercise of the COOP or ISCP with all appropriate support personnel and update the operations strategy and architecture documents to reflect any needed changes.

Plans daily activities within the guidelines of company policy, job description and supervisor’s instruction in such a way as to maximize personal output.  


Responsible for aiding in own self-development by being available and receptive to all training made available by the company. 


Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job.  Duties, responsibilities and activities may change at any time with or without notice.


Bachelor's degree and a minimum of five (5) years’ relevant experience, or equivalent combination of education/experience.


Five or more years of cumulative, non-concurrent information security experience with intricate knowledge of the DoD Risk Management Framework and DIACAP accreditation processes.

General knowledge of eMASS, NIST 800-37, and NIST 800-53.


Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures or governmental regulations. Ability to write reports, business correspondence and procedure manuals. Ability to effectively present information and respond to questions from groups of managers, clients, customers and the general public.


Ability to work with mathematical concepts such as probability and statistical inference, and fundamentals of plane and solid geometry and trigonometry. Ability to apply concepts such as fractions, percentages, ratios and proportions to practical situations.


Ability to define problems, collect data, establish facts and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.


The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job.

Work is primarily performed in an office environment. Regularly required to sit. Regularly required use hands to finger, handle, or feel, reach with hands and arms to handle objects and operate tools, computer, and/or controls. Required to speak and hear. Occasionally required to stand, walk and stoop, kneel, crouch, or crawl. Must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus.  Exposed to general office noise with computers printers and light traffic. 

Alternative work sites (contingency only) allow for regular telework or remote work flexibilities. IAM must be based within 50 miles of Fort Meade. Regardless of where work is performed, the IAM shall ensure that work is completed effectively and that mission needs and requirements are met, without degradation of services.


Responsible for the integration of CNI Core Competencies into daily functions, including commitment to integrity, knowledge/quality of work, supporting financial goals of the company, initiative/motivation, cooperation/relationships, problem analysis/discretion, accomplishing goals through organization, positive oral/written communication skills, leadership abilities, commitment to Affirmative Action, reliability/dependability, flexibility and ownership/accountability of actions taken.


Promotes and encourages a culture of compliance with all applicable rules (federal, state, local, Federal Acquisition Regulations, Code of Federal Regulations, Prime Contract requirements, etc.) for themselves and the company as a whole. Fosters an environment in which they will report any violations or reasonably suspected violation of CNI policy, FAR, and/or CFR and are comfortable discussing the myriad compliance, conflict, FAR, CFR, etc. issues that arise during the performance of a government contract.  

EOE including disability/vet. 

 ****This position is contingent upon contract award **** .


If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

Apply Today