Information System Security Manager (ISSM)

About The Position

Requirements

• Active TS/SCI and willingness to sit for a poly upon request.
• Bachelor’s degree in engineering, Computer Science, or 8 years IT field experience in lieu of degree; Master’s Degree preferred
• Minimum of 2 years of Information Technology Information Assurance, or Cyber Security engineering experience.
• Minimum of 2 years of experience in conducting security assessments by reviewing security controls with the ISSO/ISSM and guide programs through RMF process.
• Must be DoD 8140 compliant
• Proven expertise with assessing security controls in accordance with NIST Special Publications (i.e.: NIST 800 Series)
• Proven in-depth knowledge of Cybersecurity principles technologies, and processes.
• Experience with NIST 800-53, Security Development
• Familiarity with performing assessments for Unclassified and Classified environments
• Ability to adapt to process changes
• Ability to interface with senior leadership
• Ability to support high visibility or high priority projects
• Possession of excellent oral and written communication skills

Nice To Haves

• Master’s Degree preferred in Engineering, Computer Science
• Preferred certifications: CISSP, ISSMP, GSLC, CAP, CASP+, CCISO CCSP, CISM, CISSP, Cloud+ or SSCP

Responsibilities

• Deliver documentation to include Executive level briefings, Assessments, Self-Assessments, RMF packages, and supporting RMF documentation
• Review Cybersecurity tool reports for the purposes of reporting and compliance
• Software Certification package development
• Support security engineering projects and solution delivery.
• Lead security audit and compliance activities for each system responsible for
• Responsible for auditing all artifacts provided in each RMF package to determine system readiness for ATO packet submissions.
• Provide recommendations to the SISO, PM, and AO regarding remediation and mitigation of identified vulnerabilities on test reports and plan of action and milestones (POA&Ms).
• Monitor system status updates and report to senior leadership.
• Create monthly executive reports, vulnerability reports.
• Monthly executive briefing to SISO, PM on security metrics
• Interface with PMs and SISO on issues needing input/concurrence
• Draft and present RMF deliverables to senior leadership
• Attend Executive Program Reviews as the ISSM
• Work with outside agencies on Memorandums of Understanding / Interconnection Service Agreements, and other senior level agreements etc.

Benefits

• KBR may offer bonuses, commissions, or other forms of compensation to certain job titles or levels, per internal policy or contractual designation. Additional compensation may be in the form of sign on bonus, relocation benefits, short term incentives, long term incentives, or discretionary payments for exceptional performance.
• KBR offers a selection of competitive lifestyle benefits which could include a 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule.
• We support career advancement through professional training and development.