This job listing has expired and the position may no longer be open for hire.

DCSA Risk Management Lead at Broadleaf, Inc.

Posted in Engineering 30+ days ago.

Type: Full-Time
Location: Quantico, Virginia





Job Description:

Broadleaf, Inc. has been featured as one of Inc. Magazine's "Top 5000 fastest growing companies", ranking #146 in 2020, up from #733 in 2019. www.inc.com/profile/broadleaf

Founded in 2009 and headquartered in Virginia, Broadleaf is a Native Hawaiian Organization (NHO) owned small business. We are a mature 8(a) firm that has achieved Capability Maturity Model Integration (CMMI) Level 3 for Development, CMMI Level 3 for Services, and ISO 9001, ISO 27001, and ISO 14001 certifications. These quality improvement programs directly influence our management and technical solutions.
Unlike other small businesses, our certifications prove that we have mature processes and procedures which will be used to deliver a high-quality service to our clients.

What is an NHO?
A Native Hawaiian Organization (NHO) is a community service organization serving Native Hawaiians in the State of Hawaii that is a not-for-profit organization chartered by the State of Hawaii, is controlled by Native Hawaiians, and whose business activities will principally benefit such Native Hawaiians.

Our NHO’s Mission
NHO is a non-profit organization designed to benefit the Hawaii people through the development and advocacy of Science, Technology, Engineering and Math (STEM) education and by promoting Hawaii’s role as America’s Gateway to the Pacific.
Our NHO supports this mission through an agenda that facilitates community resilience, development, and economic prosperity, and strengthens Hawaii’s relationships with its Asia-Pacific neighbors.

Lead a Cyber Assurance (CA) team which conducts Risk Management Framework (RMF) efforts supporting Enterprise-level tasks (Tier II). The CA team includes Cyber Analysts and Cyber Validators. In addition, the CA team conducts A&A validation and security testing of servers or network devices before allowing the hardware to be added to the network. The CA team may be required to travel at least 10 times a year for annual security assessments and continuous monitoring efforts. The CA team may assign Cyber Analysts to assist system-level efforts for conducting Tier III RMF tasks.

Apply sound program practices to establish and maintain consistency of a product’s or system’s attributes with its requirements and evolving technical baseline over its life. It involves interaction among multiple program functions such as systems engineering, hardware/software engineering, specialty engineering, logistics, contracting, and production in an Integrated Product Team (IPT) environment.

EDUCATION REQUIREMENTS:


  • Bachelor’s Degree in Information Technology, Information Systems Management, or Cybersecurity

BASIC QUALIFICATIONS:



  • At least 7 years of managerial cybersecurity experience, with at least 3 years at the enterprise (Tier II) level


    • Leading a team of 4+ supporting A&A validation, RMF assurance, POA&Ms, and eMASS submissions; OR

    • Leading a team of 4+ risk management professionals at the enterprise level charged with the full spectrum of risk management activities; OR

    • Leading a team of 4+ configuration management personnel across an enterprise environment by handling identification, definition, and baselining over 500 configuration items annually


  • Knowledge of DoD, NIST, DISA, and other applicable Cybersecurity Policies

  • Possess strong writing skills; experience preparing enterprise wide SOPs, reports for high level officials,

  • Demonstrated experience identifying risk, impact, risk reduction, risk register, risk tracking, risk exception processes

  • Demonstrated experience preparing federal regulation compliance reports

  • Understanding of cyber assurance, risk management, and configuration management

  • Ability to manage multiple projects across multiple teams in support of ensuring quality, timeliness, and completeness

  • Developed or contributed to A&A related POA&Ms and Risk Assessment Reports as directed by applicable policy and guidance.

  • Experience leading reviews and analysis of data found in eMASS (or similar A&A repository/continuous monitoring tool)

  • Finalize and submit reports identifying noncompliant systems

  • Lead teams in scanning and develop scanning schedules to meet prescribed requirements

Certification(s):


  • IAM Level III REQUIRED

Clearance Level:


  • Active TS/SCI Clearance REQUIRED

WORK ENVIRONMENT AND PHYSICAL DEMANDS: 


  • This is a partial Telework position

  • This position is subject to travel 10%-30%

  • If the alternate worksite is other than DCSA facilities or corporate office space, must have a reliable ability to communicate by voice (cell phone preferred) and a stable, capable internet connection.

  • Must speak English well enough to communicate complex technical ideas to a diverse customer both verbally and in written form.

BENEFITS:


  • Health, Dental, Vision, 401K Matching, AD&D Insurance

EEO Employer F/M/Vet/Disabled




