Explore thousands of opportunities across Tech:NYC’s member network.


Cyber Policy Administrator



Posted on Tuesday, February 13, 2024
At IBM, work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so, lets talk.

Your Role and Responsibilities
This position is for an Cybersecurity Policy Administrator supporting the Army Enterprise Private Cloud (AEPC) project that ALTESS is fielding for the US Army. The AEPC solution is a hyperconverged, multitenant private cloud hosting environment for hosting Army enterprise and tactical applications. AEPC is utilizing the full suite of VMware products (ESXi, vSAN, NSX, vCloud Foundations, ARIA Automation, Tanzu) to implement a Software Defined Data Center (SDDC). ALTESS provides value added common and managed services built on top of the VMware foundation, that hosted Army applications will require. ALTESS is a managed service provider (MSP) and hosting services provider for Army applications. ALTESS is a Product Director office under Program Executive Office Enterprise Information Systems (PEO EIS).


  • Serve as overall subject matter expert on Cybersecurity Policy Administration.
  • Work within Enterprise Mission Assurance Support Service (eMASS) to add and update documentation, import ACAS and STIG files, work with POA&Ms, and all other aspects of eMASS management.
  • Work between technical and policy teams to implement, maintain, and monitor technical security configuration controls, including: STIGs, SRGs, and other industry security hardening guidance.
  • Work between technical and policy teams to successfully implement and manage requirements for maintaining cloud P-ATO, ATO, and security control inheritance capabilities.
  • Collaborate with internal and external parties to transform high-level technical objectives into comprehensive technical requirements.
  • Act as the ISSO for hosted systems, assuming the responsibilities as outlined in AR 25-2.
  • Assist hosted customers in obtaining and maintaining RMF for DOD IT and other certifications as required.
  • Update and/or assist the hosted system’s personnel in updating artifacts of the accreditation package and store the artifacts in organizationally defined repository; i.e., system diagram (logical and physical) Hardware/Software/Firmware Inventory, Interface & Ports, Protocols and Services listing, etc.
  • Assist in the preparation of network infrastructure specifications or designs incorporating required information security features.
  • Review and evaluate Information Systems Design Plans, Continuity of Operation Plans, Communication Plans, engineering change proposals and configuration changes for compliance with relevant security regulations, policies, and best industry practice.
  • Interact with the Army CSSP, C5ISR, and customer ISSMs on a regular basis.

Security Clearance: DOD Secret (Fully Adjudicated), as a minimum

Required Technical and Professional Expertise

  • Security Clearance: DOD Secret (Fully Adjudicated), as a minimum
  • Mid to senior level Cybersecurity Policy Administrator experience in a cloud environment
  • DoD 8570.01-M IAM level II certification is required.
    • Resource must possess Baseline certification as defined in DoD Instruction 8570.01-M.
  • eMASS experience is required.
  • Understanding of network, storage, server, and application technologies
  • Working knowledge of DoD STIGs, and IA Vulnerability Management (IAVM)

Preferred Technical and Professional Expertise

  • Experience effectively managing multiple large-scale projects
  • Experience automating routine administrative tasks desired
  • Understanding of network, storage, server, and application technologies