Information Systems Security Manager

Booz Allen Hamilton•Fayetteville, NC

1d•$61,900 - $141,000•Remote

About The Position

Information Systems Security Manager The Opportunity: Leverage expertise in administering US government security policies and procedures for multiple programs as the Information Systems Security Manager (ISSM). Create assessment and authorization packages using Risk Management Framework (RMF) for computer networks using government standards, including ensuring systems are operated, maintained, and disposed of in accordance with security policies and procedures, as outlined in the security authorization package. Maintain responsibility for hardware and software control, computer security briefings, educating users within the security program, and ensuring business needs are met. Work with systems administrators to ensure all systems security procedures are being followed in accordance with the applicable System Security Plan (SSP) and Security Control Traceability Matrix (SCTM), ensure audit files are maintained and reviewed in accordance with client requirements, offer sound decisions, take independent action, analyze problems, and provide focused solutions. Manage system administrators as needed for software patch installation and antivirus updates. Conduct security self-reviews and CONMON requirements. Lead CM efforts to coordinate any changes or modifications to hardware, software, or firmware of a system to ensure compliance with configuration management policy.

Requirements

5+ years of experience as an ISSO or ISSM
Experience with operating systems and configurations, including LAN, WAN, or VLAN
Knowledge of eMASS
Knowledge of the assessment and authorization process for DoW computers
Knowledge of National Industrial Security Program Operating Manual (NISPOM), DCSA Assessment and Authorization Process Manual, Joint Special Access Program Implementation Guide (JSIG), Intelligence Community Directive (ICD) 703, Security Technical Implementation Guides (STIGs), the Risk Management Framework (RMF) process, and associated National Institute of Standards and Technology (NIST) publications
Knowledge of incident handling, including data spills for unclassified and classified systems
Knowledge of virtual environments and hypervisors
TS/SCI clearance
Bachelor's degree
Ability to obtain an IAM Level III Certification with 6 months of hire

Nice To Haves

Experience with VM environments
Experience with COMSEC in relation to secure network communications
Bachelor's degree in Cybersecurity, CS, or Information Assurance
CISSP Certification

Responsibilities

Administering US government security policies and procedures for multiple programs.
Create assessment and authorization packages using Risk Management Framework (RMF) for computer networks using government standards.
Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures.
Maintain responsibility for hardware and software control.
Conduct computer security briefings.
Educate users within the security program.
Ensure business needs are met.
Work with systems administrators to ensure all systems security procedures are being followed in accordance with the applicable System Security Plan (SSP) and Security Control Traceability Matrix (SCTM).
Ensure audit files are maintained and reviewed in accordance with client requirements.
Offer sound decisions, take independent action, analyze problems, and provide focused solutions.
Manage system administrators as needed for software patch installation and antivirus updates.
Conduct security self-reviews and CONMON requirements.
Lead CM efforts to coordinate any changes or modifications to hardware, software, or firmware of a system to ensure compliance with configuration management policy.