Information Systems Security Manager (ISSM)

About The Position

Requirements

• 8+ years experience in information security.
• Bachelor’s degree in a related field.
• Additional years of experience may be substituted for degree requirements.
• Must be CISSP certified.
• Strong knowledge of Air Force, DoD and applicable Federal Cybersecurity Directives and Instructions.
• Able to work dynamically and effectively with people on projects (formal and informal) and conduct technical interchanges as required.
• Must have strong customer service and communication skills.
• Able to work in a team environment and interact with all levels of an organization in a professional manner.
• Keen attention to detail.
• Must be a US citizen and hold a current Top Secret clearance with SCI Access (TS/SCI).

Responsibilities

• Perform oversight of the development, implementation and evaluation of information system security program policy.
• Perform analysis of network security, based upon the ICD 503, DCID 6/3 Appendix E, DITSCAP, DIACAP, JSIG, and/or NISPOM Chapter 8; advise customer on IT certification and accreditation issues.
• Perform risk assessments and make recommendations to customers.
• Advise government program managers on security testing methodologies and processes.
• Evaluate certification documentation and provide written recommendations for accreditation to government.
• Periodically review system security to accommodate changes to policy or technology.
• Develop and maintain a formal Information Systems Security Program.
• Develop, review, endorse, and recommend action by the designated approval authority (DAA) of system certification documentation.
• Conduct certification tests that include verification that the features and assurances required for each protection level are functional.
• Coordinate AIS security inspections, tests, and reviews.
• Develop policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents.
• Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system.
• Ensure that security testing and evaluations are completed and documented.
• Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed.
• Assess changes in the system, its environment, and operational needs that could affect the accreditation.
• Ensure configuration management (CM) for security-relevant AIS software, hardware, and firmware are properly documented.
• Ensure that system security requirements are addressed during all phases of the system life cycle.
• Provide leadership, mentoring, and quality assurance for Team Members.

Benefits

• Health and Dental Insurance
• 401(k) and Matching
• Life Insurance
• Short- and Long-Term Disability
• Paid Time Off
• Paid Holidays
• Professional Membership
• Technical Training
• Certification
• Education Assistance