ISSM

About The Position

Requirements

• BS in related field or 15+ years relevant experience
• 5+ years of experience in cybersecurity within Department of Defense
• Extensive knowledge of DoDI 8500, NIST SP 800-37, NIST SP 800-53 and Committee on National Security Systems Instruction (CNSSI) 1253
• Active DoD TS Clearance
• Knowledge of Information Assurance Vulnerability Alerts (IAVAs)
• Experience obtaining and maintaining Cybersecurity Maturity Model Certification (CMMC)
• Experience with Windows and Linux environments
• Fortigate Firewalls
• Network infrastructure including LAN, WAN, routing, switching, monitoring
• Working knowledge of Layer-3, VPNs, firewall policy and VLAN management
• Active Directory; managing Group Policy, OU Design, etc.
• Virtualization; VMWare/HyperV.
• Network Protocols; DNS, DHCP, RADIUS
• This position must meet Export Control compliance requirements, therefore a “US Person” as defined by 22 C.F.R. § 120.15 is required. “US Person” includes US Citizen, lawful permanent resident, refugee, or asylee.
• Active Security Clearance is required or ability to obtain a security clearance

Nice To Haves

• Business Class Wireless Solutions
• Backup, Disaster Recovery, and Business Continuity
• zScaler solutions
• Experience designing and maintaining non-secure computer systems and networks
• Understanding of Patch Management cycle including Vulnerability Scans, WSUS, 3rd Party patching
• CCNA (Preferred)
• ISC2 – CISSP
• ISACA – CISA
• CompTIA - CySA+
• GIAC Certified Enterprise Defender
• GIAC Information Security Professional Certification

Responsibilities

• Responsible for beginning-to-end, design, implementation, full compliance and information assurance for all classified program computing needs
• Responsible for both hardware and software
• Design and set up information systems (IS) for classified computing and networks for US Government system accreditation under the Risk Management Framework (RMF)
• Create and review required documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), Assessment and Authorization (A&A) packages, Security Controls Traceability Matrix and Continuous Monitoring artifacts
• Perform auditing and vulnerability analysis and develop risk assessments to support Government A&A activities
• Secure classified data transmission lines and protocol
• Experience performing continuous monitoring of secure systems and system controls.
• Develop and maintain computer solutions that are DoD compliant
• Develop and maintain cross boundary network solutions (e.g., firewalls, access control lists, etc.) between multiple secure networks
• Act as secondary responsible for all company non-classified IT systems
• Other duties, as assigned

Benefits

• competitive salary
• comprehensive medical
• dental
• vision
• 401k
• sick leave
• PTO