Information System Security Manager

About The Position

Requirements

• Bachelor's degree.
• An associate's degree with 8+ years of relevant experience OR
• High school diploma or GED equivalent with 10+ years of relevant experience may substitute.
• Must meet DoD 8140.01 certification requirements for IAM-III (CISM, CISSP, GSLC, CCISO)
• DoD Top Secret Clearance with SCI eligibility is required.
• Knowledge of Cyber Security risk management processes
• Experience with managing multiple projects, including adjusting to shifting priorities and solving problems quickly
• Experience with managing project teams, including direct responsibility for people development
• Experience with leading transformation initiatives
• Ability to multitask in a fast-paced environment
• Strong use and understanding of systems engineering concepts, principles, and theories
• Strong knowledge of cybersecurity technology and trends
• Experience presenting technical concepts to a variety of audiences
• Must be able to assist the customer and or staff with technical issues related to security products

Responsibilities

• Assume or delegate the role of SCIF Manager for the ITD-managed SCIF spaces.
• Act as the ITD Contractor representative to the Insider Threat Working Group.
• Prepare reports on the status of security safeguards applied to computer systems.
• Provide leadership, mentoring, and quality assurance for team members as a security expert.
• Work with multiple security, IT, and engineering leadership/stakeholders as well as a variety of security, IT, and engineering technical resources to identify and plan physical and cybersecurity work to meet/exceed program initiatives.
• Support the execution of product cybersecurity elements across programs and services.
• Manage Enterprise systems in a fast-paced and dynamic client-site environment and take charge of cyber tasks in government facilities, including full life cycle Risk Management Framework (RMF), vulnerability management, inspections, governance, and training.
• Ensure that security risks and findings are appropriately documented and provide solutions to remediate issues while allowing systems to remain operational and compliant in a mission-first environment.
• Manage a team supporting the Cybersecurity vulnerability management and implementation of security controls to ensure all systems can meet security accreditation mandates and guidelines.
• Responsible for activities associated with the delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects.
• Ensure the government's security requirements are met, complying with applicable DoD policies, and providing Computer Network Defense Services to meet all security service and IA service requirements to protect the Government's Information Systems (IS).
• Manage network boundary/perimeter protection, including firewalls, intrusion detection systems (IDSs), and Virtual Private Networks (VPNs).
• Conduct Incident Management, including emergency response and forensic analysis.
• Lead vulnerability assessment, penetration testing, and analysis of computers and networks.
• Conduct Information Security Risk Assessments.
• Oversee monitoring and analysis of threats to the network infrastructure, and detection and rapid response consistent with the threat's potential harm or damage.
• Maintain proficiency in security tools, techniques, and procedures and counter-measures for network vulnerabilities.
• Assist with the development and maintenance of security policies and procedures.
• Implement and enforce policies and procedures through manual and automated controls.
• Provide status reporting for all escalations, security operations requests, and problems.
• Participate in the remediation of audit findings and understand the operational impact of the NIST Risk Management Framework (RMF).
• Implement procedures and metrics for security operations.
• Ensure the implementation of DoD Security Technical Implementation Guidelines (STIGs).
• Other duties as assigned.