Information Systems Security Manager (ISSM)
About The Position
Castelion is seeking a classified cyber assurance practitioner to drive the Castelion classified cyber assurance program forward. The program focuses on three major areas: Assessment: Assessing the state of the classified cyber assurance program against industry standards, requirements (contractual and regulatory), and organizational needs. Governance: Managing and spearheading governance of the classified cyber assurance program to interpret and drive implementation of industry standards, requirements (contractual and regulatory), and organizational needs. Communications: Be "the face" of classified cyber assurance program to both internal and external stakeholders (e.g. customer, regulatory, government and supplier entities). The successful candidate will drive the classified assurance team to ensure Castelion delivers on customer requirements, reduces risk, and ensures mission success. We are a fast paced, multi-tasking, highly dynamic work environment with high degrees of autonomy and accountability.
Requirements
- Bachelor's degree; OR 5+ years of experience managing cyber assurance for classified computer systems/networks in lieu of a degree
- 3+ years of experience in cyber assurance
Nice To Haves
- Demonstrated experience with NRO A&A processes and the JSIG A&A processes
- Subject matter expertise in the RMF 7 step process
- Experience working within highly technical and demanding teams and environments
- Experience with obtaining ATO(s) for networks, weapon systems, and satellite systems
- Demonstrated experience with COMSEC procedures and practices
- Exceptional written and verbal communication skills
- Exceptional organizational skills
- Demonstrated project management skills, and continued track record of getting things done quickly with high quality
- Demonstrated record for providing unique and/or novel solutions
- Demonstrated record of integrating with I.T. and product security functions
- Ability to perform within mission and time constrained environments
- High comfort with and acceptance of performing individual contributor functions/tasks
- Masters Degree in Cybersecurity
Responsibilities
- Responsible for the complete RMF A&A lifecycle process for assigned Castelion classified information systems
- Ensure compliance with existing regulatory, policy, and contractual requirements as they pertain to Castelion classified information systems
- Responsible for identification, triage, and implementation of new regulatory and contractual requirements into both broad and specific applications
- Keep apprised of emerging community practices, risks, and threats
- Plan, prepare for, schedule and coordinate audits, assessments, and tests
- Identify, evaluate, and select various automation, assessment, and management tool sets to drive effectiveness and efficiencies
- Provide expert knowledge of Nessus, Splunk and Security Center tools
- Provide expert knowledge of Service Now (SNOW), eMASS, and other GRC tools
- Guide and mentor Cleared Cyber Assurance Analyst(s)
- Build and maintain positive relationships with internal stakeholders, contractual partners, and government customers
- Successfully further Castelion objectives and initiatives
- Ensure all classified networks remain in compliance and have active ATO
- Responsible for creating and maintaining all required cybersecurity trainings, user agreements, media logs, and classified equipment control
- Ability to meet fast deadlines while maintaining compliance
Benefits
- All employees are granted long-term stock incentives as part of their employment as Castelion.
- All employees receive access to comprehensive medical, vision, and dental insurance
- the company offers four weeks of paid time off per year.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
