BGIF Cyber Team Lead Job Listing at SPA in Boulder, CO (Job ID 2025-20017)

Description

Qualifications

Required Qualifications:

• Active Top Secret clearance with SCI eligibility
• Bachelor's degree from an accredited institution
• 10+ years of relevant industry experience
• CISSP or CSAP certification is required
• Reports to designated work location in Boulder, CO, up to full time, based on the needs of the customer

At SPA, we strive to deliver a robust total compensation package that will attract and retain the top talent.  Elements of the compensation package include competitive base pay and variable compensation opportunities.  

SPA provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.  

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, etc.  Please note that the salary information shown below is a general guideline only.  Salaries are commensurate with experience and qualifications, as well as market and business considerations.  

Salary pay range:  150k-185k

SPA has a near-term need for a highly qualified Cyber Team Lead who will be responsible for managing and coordinating cyber resources provided under the BOSS contract. This role will work closely with the ISSM and Deputy ISSM to align daily contractor activities with mission objectives. Serving as the primary point of contact and subject matter expert for all cyber support efforts under the contract, the Cyber Team Lead ensures cohesive execution and ownership of assigned tasks.

Key responsibilities include providing guidance to technical and non-technical personnel across all levels of Certification and Accreditation (C&A) efforts, overseeing the development, completion, and timely submission of C&A packages, and ensuring accurate tracking and reporting of status updates to the customer. Will also ensure that current and proposed information architectures are well-documented to reflect compliance, identify issues, and propose solutions. Directs incident and breach response activities, mitigates issues, and informs key stakeholders. Includes leading vulnerability analysis and implementing plans for network scanning, certification, and ongoing maintenance. Will support government threat assessments, evaluate potential system/network threats, and ensure that all IA and IA-enabled systems, software, and hardware comply with relevant security configurations. Additionally, the role assists in the execution of security testing and evaluations and contributes to the development of comprehensive threat and risk assessment reports. 

• Oversee the overall security, integrity, and operations of BGIF BOSS systems and networks.
• Collect and maintain data needed to meet cybersecurity reporting requirements.
• Ensure Security Technical Implementation Guide (STIG) configuration, patching, scanning and testing of systems.
• Develop/review Communication System Requirement Document (CSRD) technical solutions to provide network, computer system, financial, installation, outside agency coordination, information assurance and customer assistance.
• Develop/find technical solutions and work plans that are consistent with architectural and information system security guidelines.
• Support the Government in the development of assessment and authorization (A&A) packages via the RMF, IAW Air Force Policy Directive (AFPD) 33-2, DoD Directive 8500.1, DoD Instruction 8500.2, DoD Instruction 8510.01, Intelligence Community Directive (ICD) 502, ICD 503, NIST SP 800-53, and AFI 33-210 Air Force Certification and Accreditation (C&A) Program and supports USAFWC customers/users with their specific network and stand-alone system accreditations to include maintaining and updating Trusted Facility Manuals, system descriptions, security policies, user guides, system architectures and security-related documentation.
• Prepare and present training tailored for initial and periodic Information Awareness (IA) Training, System Administrator Technical Awareness, and executive level IA.
• Provide information to support System Administrators, Network Managers, users, procurement staff and security personnel and monitor, implement and report on all security/configuration patches/changes (i.e., NOTAM, IAVA and security/vulnerability advisories).
• Perform a weekly review of the audit trail for USAFWCs systems IAW Air Force Policy Directive (AFPD) 33-2, DoD Instruction 8500.2, ICS 500-27, and ICS 700-02.
• Conduct vulnerability testing and risk analysis as part of the overall assessment process on all networks and systems as determined by the Government.