Alternate ISSM / Classified Cybersecurity Associate Manager

About The Position

Requirements

• Current Final Secret to start with ability to obtain Top Secret clearance
• Current DoD 8570 IAM Level III certification, with a requirement to maintain certification throughout employment
• Proven experience with industry-standard Information Assurance tools, including vulnerability management and auditing tools
• Risk Management Framework and accreditation experience
• Demonstrated ability to communicate with non cybersecurity professionals in a clear and concise manner
• Ability to lead, motivate and develop high-performing cybersecurity professionals

Nice To Haves

• Demonstrated technical experience in Windows and Nix based operating systems and command line
• Previous experience working with system accreditation requirements and RMF implementation
• Experience implementing complex technologies within large environments, possessing strong technical skills
• Understand Agile operations while possessing sound business acumen
• Experience setting up or using Tenable Nessus / Security Center
• Experience setting up or using Splunk
• Experience with scripting languages
• Experience working with other teams, managers, and program leadership to resolve items
• Bachelor's degree in a relevant discipline and 9 years of relevant work experience or a master's degree and 7 years of relevant work experience

Responsibilities

• Lead Technical Security Operations: Lead and coordinate day-to-day information system security operations, providing expert guidance on all technical security matters in support of the ISSM.
• Cyber Talent Management: Attract, retain, and develop top cyber talent to ensure a skilled and effective security team.
• Authorization and Compliance: Review, oversee, and ensure the accuracy of RMF Package authorizations, and maintain up-to-date documentation of compliance actions within the approved automated compliance tracking system or develop a plan of actions and milestones (POA&M).
• Security Governance: Ensure systems are operated, maintained, and disposed of in accordance with security policies, practices, and procedures, and enforce compliance with relevant regulations and standards.
• Configuration Management: Ensure configuration management (CM) for security-relevant IS software, hardware, firmware, and system documentation, maintaining accurate and up-to-date records.
• Lifecycle Management: Maintain and ensure the accuracy of all information systems lifecycle management documentation, including system design, development, testing, implementation, and disposal.
• Change Management: Evaluate proposed changes or additions to the information system, assessing their security relevance and advising the ISSM on potential risks and mitigations.
• Education and Training: Develop and deliver security IS education and training programs.
• Audit and Risk Assessment: Participate in internal and external security audits and inspections, performing risk assessments and identifying areas for improvement.
• Incident Response: Assist in conducting analysis of computer security violations and incidents, and ensure proper protection and corrective measures are taken.
• Policy Implementation and Enforcement: Collaborate with the PSR to implement and enforce Information Security Policies and Procedures.

Benefits

• Medical
• Dental
• Vision
• Life Insurance
• Short-Term Disability
• Long-Term Disability
• 401(k) match
• Flexible Spending Accounts
• EAP
• Education Assistance
• Parental Leave
• Paid time off
• Holidays