Information Systems Security Manager (ISSM)

WSP, Arlington, VA
1d, Onsite

About The Position

WSP USA Solutions has an immediate opportunity for a full-time Information Systems Security Manager (ISSM) to work out of our Arlington, VA office. The successful candidate will possess a strong interest in engaging, intellectually stimulating and rewarding assignments. The role also includes system administration responsibilities, providing technical support to the office as needed. WSP USA Solutions offers an environment that supports work/life balance and advancement opportunities and is seeking professionals who have an intellectual curiosity and who are dedicated to personal and professional growth.

The Information Systems Security Manager will oversee all information system security requirements in accordance with NIST 800-53 standards, ensuring compliance through continuous monitoring. The individual in this role must be willing and able to develop the necessary knowledge and expertise to manage every aspect of information systems security, including overseeing day-to-day security operations for systems and associated media. The ISSM will also assist with maintaining compliance with the Cybersecurity Maturity Model Certification (CMMC) NIST 800-171 controls for the organization's Azure GCC-H cloud environment. Staying current on evolving threats that may impact the system is a critical aspect of this role.

Requirements

  • Bachelor’s degree in Computer Science, Information Assurance Security, or equivalent.
  • 7-10 years of experience working with information assurance, cybersecurity, or security-related projects.
  • Due to client requirements, U.S. Citizenship is required.
  • Ability to obtain a Top Secret Clearance.
  • Possession of, or the ability to obtain within six months of hire, DoD 8140 IAM Level II baseline certifications. Must also hold or be able to earn a Security+ certification within six months of hiring.
  • Experience working with Security Technical Implementation Guides (STIGs) and SCAP compliance tools.
  • Familiarity with SIEM tools such as Sentinel and vulnerability scanners like Nessus.
  • Solid understanding of the Risk Management Framework (RMF) and NIST standards.
  • Ability to diagnose complex hardware and software issues within the technical environment.
  • Experience with Microsoft Server, Windows 11, and some Azure cloud management.

Nice To Haves

  • Possesses a current, active Top Secret Clearance (TS Clearance).
  • Maintains IAM Level II compliance with CISSP certification.

Responsibilities

  • Developing, implementing, and maintaining System Security Plans (SSP) in alignment with Risk Management Framework (RMF) requirements.
  • Ensuring all newly acquired hardware is hardened based on Security Technical Implementation Guides (STIGs).
  • Managing Configuration Management (CM) for all related hardware, software, and security-related functions.
  • Identifying security deficiencies or discrepancies and proposing appropriate solutions.
  • Tracking findings within the Plan of Action and Milestones (POA&M) through mitigation and risk acceptance processes.
  • Conducting regular audits and continuous monitoring to detect vulnerabilities, maintaining compliance with NIST 800-171 and 800-53 frameworks.
  • Leading the incident response process, including reporting security incidents and preparing incident reports.
  • Preparing for and participating in self-inspections and DCSA security vulnerability assessments.
  • Assessing the security impact of both security-relevant and non-security-relevant changes.
  • Performing system administration tasks and delivering comprehensive IT support to the office.

Benefits

  • Employees are also afforded a comprehensive suite of benefits including medical, dental, vision, disability, life, and retirement savings focused on providing health and financial stability throughout the employee’s career.