Information Systems Security Manager

About The Position

Requirements

• Either a bachelor’s degree and 10-12 years of experience; or a master’s degree and 8-10 years of experience in working with IT Security policies and government frameworks.
• Must possess and be able to maintain a TS/SCI clearance with Polygraph.
• DoD 8140.03 (8570) certification (IAM Level II – CISSP, CISM, GSLC, CASP/SecurityX).
• Experience in achieving an ATO(s) through any of the following security frameworks: FedRAMP, NIST 800-53, NIST 800-171, CNSS 1253, etc.
• Understanding of simple networks, operating systems (Microsoft Server, Windows, Linux), and computer functions.

Nice To Haves

• High level of personal motivation and initiative to learn and acquire new skills and adapt seamlessly to an ever-changing security environment.
• Self-motivated individual who requires limited supervision and has excellent time management skills.
• Strong organizational and communication skills, particularly in technical reports, presentations, and policy documentation management.
• Familiarity with Intelligence Community (IC) information assurance and cyber systems and processes.
• Able to interface with other team members, other security disciplines, engineers, and program personnel.
• Experience in managing and operating information security tools such as Nessus, Splunk, or equivalent vulnerability management platforms, with cloud security services, etc.
• Experience in understanding and documenting information system specifications and security controls, including logical and physical diagrams, connectivity, communication, and data flow diagrams, both internal and external to the system.

Responsibilities

• Prepare, maintain, and implement System Security Plans that accurately depict the customer’s contractual requirements.
• Develop, implement, enforce, and monitor security policies across systems to maintain compliance with organizational and federal standards.
• Responsible for the oversight and accountability of day-to-day security operations of all classified information systems.
• Support all disciplines within the security program and ensure business needs and mission are met.
• Works directly with program managers, engineers, and the information assurance team on all phases of system life cycle development.
• Leads the team working with US Government Security Control Assessors (SCAs) and Authorizing Officials (AOs) to develop a comprehensive RMF package including System Security Plans (SSPs), Information Continuous Security Monitoring Plans, and a Body of Evidence to support system authorization.
• Interact with internal and external customers or government officials to perform security duties, address routine information security matters with employees regarding issues, report preparation, and system security access briefings, etc.
• Develops and implements facility procedures to govern marking, handling, controlling removing, transporting, sanitizing, reusing and destroying media and equipment containing classified equipment.
• Responsible for changes to the classified system components, environment and location, including temporary relocation to another classified area.
• Manages reporting and mitigation of information system security incidents. Initiates protective and/or corrective measures designed to prevent future incidents.