Cybersecurity – Information System Security Manager (ISSM)

About The Position

Requirements

• Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC, or CISM)
• 5+ years of experience and/or education in IT, cybersecurity, or related fields
• 5+ years of experience with the Risk Management Framework (RMF), cybersecurity policies, and RMF implementation (e.g., DAAG, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series)
• 5+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
• 3+ years of experience with cybersecurity leadership overseeing programs and teams, authorizing risk decisions, coordinating stakeholders, and improving security and compliance
• 3+ years of experience communicating complex technical risks, translating impact, and advising senior leaders
• This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)
• This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is required. “U.S. Person” includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee.

Nice To Haves

• 5+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs
• 5+ years of experience assessing and documenting test or analysis data to show cyber security compliance

Responsibilities

• Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards
• Lead and implement the Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF) for new and existing information systems
• Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acknowledgement Letters (RAL) and support Continuous Monitoring (CONMON)
• Supervise configuration management of assigned systems; auditing systems to ensure security posture integrity
• Lead staff with assessments and test/analysis data to document state of compliance with security requirements
• Conduct risk assessments and investigations, implement appropriate risk mitigations, and coordinate incident response activities
• Conduct periodic hardware/software inventory assessments
• Serve as organization spokesperson on sophisticated projects and programs
• Act as advisor to management and customers on sophisticated technical research studies
• Collaborate with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements
• Supervise the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures
• Handle assigned team to facilitate effective execution of Risk Management Framework (RMF)
• Provide guidance and mentor to support team within Information Security
• Lead and perform security compliance continuous monitoring
• Coordinate and participate in security assessments and audits
• Prepare, review, and present technical reports and briefings
• Identify root causes, prioritize threats and recommend and/or implement corrective action
• Explore the enterprise and industry for evolving state of industry knowledge and methods regarding information security best practices
• Lead development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple partner organizations

Benefits

• At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent.
• Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.
• The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.
• The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.