Information Systems Security Manager (Onsite) (Relocation)

RTX•Cedar Rapids, IA

1d•Onsite

About The Position

Our team in Cedar Rapids, IA is seeking an Information System Security Manager (ISSM). The Information Systems Security Manager is responsible for compliance oversight, assessment, and operations of systems under their purview. They may be assigned to a single large-scale program or oversee multiple programs. Must have knowledge regarding National Industrial Security Operating Manual (NISPOM) and related documentation such as: Risk Management Framework (RMF), Baseline Technical Security Configuration Standards, Defense Counter-Intelligence Security Agency (DCSA) DCSA Assessment and Authorization Process Guide (DAAG) Customer/contract specific Cybersecurity regulations. Joint Special Access Program Implementation Guide (JSIG) Components of the cybersecurity (CS) program include Assessment and Authorization (A&A) activities (documentation preparation, system configuration/validation, certification testing, etc.), security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.), conducting self-inspections, and delivering information systems security education and awareness. This is an onsite position based in Cedar Rapids, IA. A relocation package is available if needed.

Requirements

U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Active and transferable U.S. government issued Secret/Top Secret security clearance is required prior to start date.
Experience supporting cybersecurity compliance as stipulated by DCSA Assessment and Authorization Process Manual (DAAPM) or DCSA Assessment and Authorization Guide (DAAG), Joint SAP Implementation Guide (JSIG), and/or National Industrial Security Program Operating Manual (NISPOM) regulations.
Past direct leadership or project/program management experience.
IAM Level III certification (CISSP or other).
Cybersecurity, systems security or hardening.
Network Security.
Compliance-based management using the Risk Management Framework (RMF).
Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics).
Project or program management, office management, senior administration, or account management.
Typically requires a University Degree and minimum 8 years prior relevant experience or an Advanced Degree in a related field and minimum 5 years of experience
If position is Engineering/Other Technical Position: U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Active and transferable U.S. government issued Secret/Top Secret security clearance is required prior to start date.

Nice To Haves

Master’s Degree in Computer Science, Information Systems, Information Technology, Cyber Security, Criminal Justice, Business or other relevant degree
Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Ivanti, Tenable, ACAS, HBSS, Nexpose, etc.
Experience in the oversight and execution of the Assessment & Authorization processes (Certification & Accreditation), as defined in JSIG/DAAG
Experience in the execution and management of Information System’s (IS) incident response and administrative inquiries/investigations in collaboration with the Investigations department
Experience in and execution of a continuous monitoring/improvement program (to include but not limited to self-inspections, security control assessments, training, log management systems, automated inventory utilities, etc.)
Experience working with Jira/Confluence/SharePoint.
Experience with any of the following: NISPOM, JSIG/RMF, and ICD-503 or equivalent requirements to include technical computer/network system auditing
Experience in professional engagements with internal and external customers (i.e., AOs, DAOs, SCAs, Program Managers, etc.), to include negotiating controls/requirements with government Contracting Activities.

Responsibilities

Accountability for all systems under their assigned purview.
Maintaining a working knowledge of all CIS functions, security policies, technical security safeguards, and operational security measures.
Interactions with DCSA SCA/ISSP to track items including, but not limited to, upcoming authorizations (ATO), new technologies solutions (i.e., new SIEM, OS, etc.), policy interpretations (in conjunction with Site ISSM), and onsite A&A.
Developing, maintaining, and updating, in coordination with all system stakeholders (CS Manager, ISO, DT, etc.), applicable site POAM(s) to identify system weaknesses, mitigating actions, resources, and timelines for corrective actions.
Coordinating DCSA SVA preparation activities for assigned CAGE in conjunction with Site ISSM.
Direct interaction with Information System Owners (ISO).

Benefits

Medical, dental, and vision insurance.
Three weeks of vacation for newly hired employees.
Generous 401(k) plan that includes employer matching funds and separate.
employer retirement contribution, including a Lifetime Income Strategy option.
Tuition reimbursement program.
Student Loan Repayment Program.
Life insurance and disability coverage.
Optional coverages you can buy pet insurance, home and auto insurance, additional life and accident insurance, critical illness insurance, group legal, ID theft protection.
Birth, adoption, parental leave benefits.
Ovia Health, fertility, and family planning.
Adoption Assistance.
Autism Benefit.
Employee Assistance Plan, including up to 10 free counseling sessions.
Healthy You Incentives, wellness rewards program.
Doctor on Demand, virtual doctor visits.
Bright Horizons, child, and elder care services.
Teladoc Medical Experts, second opinion program.
And more!