Information System Security Manager

General Dynamics•Colorado Springs, CO

40d•Hybrid

About The Position

We are seeking a highly motivated Information Systems Security Manager (ISSM) to join our teams Colorado Springs, CO or Pittsburgh, PA office. This person will perform the tasks of an Information Systems Security Manger (ISSM) for multiple Department of Defense (DoD) and Intelligence Community (IC) programs. Candidates must be knowledgeable of information technology and security principles. This is a multi-tasking environment that demands customer service, communication, and organizational skills. The candidate will support information system life cycle activities from rapidly establishing systems to support classified proposals, to scoping systems for new programs and preparing Risk Management Framework packages, to regular maintenance, support and upgrades of systems during program execution, to program close-out and de-certification activities. Duties also may include: Serve as Information Systems Security Manager (ISSM) for classified computers in DoD and Intelligence Community computing environments. Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis. Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system. Design, develop, and recommend integrated security solutions for multiple classified IS with various operating systems. Prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, SCTM) including participation in system categorization. Ensure the development, documentation, and presentation of IS security education, awareness, and training activities for users and others, as appropriate. Apply cyber security standards, directives, guidance and policies to classified computing environments. Investigate security incidents to include data spills, data integrity incidents, and malicious code incidents. Ensure system security measures comply with applicable government policies, provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system. Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional. Provide support to other cybersecurity personnel for maintaining appropriate operation information assurance (IA) posture for programs. Assist COMSEC custodians in the execution of COMSEC duties in the local office space Collaborate with other IA offices to ensure continuity of secure systems operation. Support COMSEC custodian activities

Requirements

Requires a Bachelors degree in Engineering, or a related Science or Mathematics field. Also requires 8+ years of job-related experience, or a Master's degree plus 6 years of job-related experience.
Department of Defense TS/SCI security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required.
Experience as an ISSM implementing ICD 503, and/or JSIG IS requirements.
Current Security + or CISSP certification
Have or obtain CISSP certification per DoD Directive 8570.1 within 6 months upon being hired.
Be technically familiar with modern MS Windows and Linux operating systems.
Previous experience working as a security professional in a SAP/SCI environment
Familiarity conducting vulnerability scans.
Familiarity with the ODAA Baseline Standard requirements, Joint Special Access Program (SAP) Implementation Guide (JSIG) and Risk Management Framework (RMF).
Strong team player.
Travel may be required on an as-needed basis.

Responsibilities

Serve as Information Systems Security Manager (ISSM) for classified computers in DoD and Intelligence Community computing environments.
Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis.
Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
Design, develop, and recommend integrated security solutions for multiple classified IS with various operating systems.
Prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, SCTM) including participation in system categorization.
Ensure the development, documentation, and presentation of IS security education, awareness, and training activities for users and others, as appropriate.
Apply cyber security standards, directives, guidance and policies to classified computing environments.
Investigate security incidents to include data spills, data integrity incidents, and malicious code incidents.
Ensure system security measures comply with applicable government policies, provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional.
Provide support to other cybersecurity personnel for maintaining appropriate operation information assurance (IA) posture for programs.
Assist COMSEC custodians in the execution of COMSEC duties in the local office space
Collaborate with other IA offices to ensure continuity of secure systems operation.
Support COMSEC custodian activities