Information Security/Privacy Manager

About The Position

Requirements

• Bachelor's degree with a minimum of 10 years of relevant experience.
• Experience with Risk Management Framework (RMF) and NIST SP 800-53 controls.
• Experience in analysis of security plans and policies.
• Demonstrated ability to be self-motivated, self-supervisory, and results oriented.
• Demonstrated organizational skills and strong verbal/written communication skills.
• The ability to obtain/ maintain Security+ certification within 6 weeks of hire date.
• The ability to obtain a Common Access Card (CAC).
• U.S. citizenship.
• The ability to obtain a DoD level Secret security clearance.

Nice To Haves

• 3+ years of team management or team lead experience.
• General experience with DoD networks.
• Current Security+ certification.
• Current CISM, CIPA, CISSP professional certification.
• An active DoD level Secret security clearance.
• Experience with Enterprise Mission Assurance Support Service (eMASS).

Responsibilities

• Perform as an Information System Security Manager (ISSM) and manage and direct the workload of an Information Assurance team of 4-6 employees.
• Ensure that security policies, procedures, and directives of the National Industrial Security Program Operating Manual NISPOM manuals are followed.
• Maintain oversight and compliance of existing information systems through technical reviews and system auditing.
• Interface with program management and customers on security requirements implementation, documentation, and classification management.
• Provide information systems security guidance awareness and training and participates in customer security inspections and reviews.
• Manage, develop, prepare, implement, and maintain security plans, standard operating procedures (SOPs), security tests, and evaluation plans.
• Collaborate with internal security and IT staff to ensure the continued compliance and secure operation of accredited information systems.
• Keep abreast of industry best practices and trends, as well as new technologies, and then plans and advises for implementation.
• Manage 3 A&A packages utilizing eMASS for system approval.
• Submit POA&Ms for TCNO, STIG, or other system deficiencies.
• Coordinate with systems administrators, developers, and other team members for issue resolution, coordination or clarification.
• Review change requests for system security impacts.
• Review System Access Requests for the systems administered by the organization.
• Revalidate email organizational accounts.
• Create and modify security group requests, adding and removing users to groups.
• Answer cyber related security questions from team members within organization.
• Ensure compliance with DoD/AF instructions, directives, EOs and other regulations.

Benefits

• Overtime
• Shift differential
• Discretionary bonus