CTO/IAVA Compliance Manager

Req ID: 38217

Summary

CTO/IAVA Compliance Manager

Oakton, VA

Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer's core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level!

The CTO/IAVA Compliance Manager requires a detail-oriented, proactive, and technically adept individual to lead the coordination and execution of cyber taskings and vulnerability management tasks across our infrastructure. This role ensures continuous compliance with DoD cybersecurity standards and is responsible for applicable cyber taskings, tracking IAVA releases, updating technical documentation, coordinating remediation efforts, and interfacing with internal and external teams.

Responsibilities

• Track and analyze Information Assurance Vulnerability Alerts (IAVAs) on a weekly basis.
• Notify relevant teams of applicable vulnerabilities and required remediation actions.
• Update CTO documentation with the latest vulnerability disclosures and mitigation strategies.
• Develop and execute custom ACAS queries to identify affected systems.
• Initiate and manage tickets for remediation, assigning to the appropriate system owners using tools like SolarWinds and AWS for system identification.
• Maintain a comprehensive and regularly updated Excel tracker to monitor status, ownership, and resolution of vulnerabilities.
• Strong tracking of POA&Ms
• Generate and distribute reports for monthly Service Level Objectives (SLOs) and WAR (Weekly Activity Reports) inputs.
• Ensure data consistency and accuracy to support leadership decision-making.
• Schedule and conduct ACAS rescans to verify applied fixes and validate compliance.
• Track and respond to DCDC taskings and named operations with appropriate actions and documentation.
• Prepare and submit POA&Ms (Plans of Action & Milestones), Product Surveys, and Joint Risk Assessments (JRAM) for various cybersecurity and operational directives.
• Understanding of the role of the Defense Information System Agency (DISA) Mission Assurance Directorate (MA) and the Security Configuration Management (SCM) portfolio in managing the Continuous Monitoring and Risk Scoring program.
• Familiarity with the DoD's phased implementation of continuous monitoring, specifically focusing on agency Host-Based Security System (HBSS) and ACAS (Assured Compliance Assessment Solution) reporting data.
• Capable of gathering actionable direction and implementing prioritized mitigation decisions based on risk-scoring data.
• Other duties as assigned.

Qualifications

• Bachelor's degree. Can be substituted for Associate's degree with 4+ years of relevant experience.
• 2+ years of relevant experience
• DoD IAT Level II Certification is required.
• DoD Top Secret Clearance is required.

Knowledge, Skills and Abilities:

• Strong understanding of Cyber Taskings, DoD vulnerability management frameworks, and IAVA processes.
• Experience with ACAS (Assured Compliance Assessment Solution), SolarWinds, and AWS infrastructure tools.
• Familiarity with infrastructure components and operational environments (on-prem, hybrid, cloud) is essential to understand tasking and assist in validating compliance.
• Proven ability to manage and track vulnerabilities through the full lifecycle-from identification to closure or risk acceptance.
• Experience supporting DoD or federal cybersecurity compliance efforts.
• Knowledge of RMF (Risk Management Framework), DISA STIGs, and NIST 800-53 controls.
• Prior experience in submitting or managing POA&Ms and risk acceptance documentation.
• Understanding of mission operations, DCDC taskings, and named operations.
• Strong organizational and analytical skills with attention to detail.
• Excellent written and verbal communication skills; able to convey technical issues to non-technical stakeholders.

How you'll grow

At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn.

We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers.

Benefits

At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits.

Learn more about what working at Chenega MIOS can mean for you.

Chenega MIOS's culture

Our positive and supportive culture encourages our team members to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them be healthy, centered, confident, and aware. We offer well-being programs and continuously look for new ways to maintain a culture where we excel and lead healthy, happy lives.

Corporate citizenship

Chenega MIOS is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our team members, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.

Learn more about Chenega's impact on the world.

Chenega MIOS News- ;br>
Tips from your Talent Acquisition Team

We want job seekers exploring opportunities at Chenega MIOS to feel prepared and confident. To help you with your research, we suggest you review the following links:

Chenega MIOS web site - ;br>
Glassdoor - _IE369514.11,23.htm

LinkedIn - ;br>
Facebook - ;br>
Chenega Corporation and family of companies is an EOE.

Equal Opportunity Employer/Veterans/Disabled

Native preference under PL 93-638.

We participate in the E-Verify Employment Verification Program