Information Systems Security Manager

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, or a related field.
• 12+ years of progressive experience in cybersecurity, with at least 5+ years in a leadership or management role.
• Experience within the Intelligence Community, to include JCIP and JSIG implementations of RMF.
• Experience with Xacta AND eMASS.
• Must obtain or carry an Agilist certification and DoD 8140.01 IAM Level II certification.
• Active TS/SCI required.
• Demonstrated expertise in network security, vulnerability management, incident response, security architecture, and risk management.
• Proven ability to lead and inspire teams, communicate effectively with technical and non-technical stakeholders, and build strong relationships.
• Strong analytical and problem-solving skills, with the ability to think strategically and make sound decisions under pressure.
• Experience working with DARPA or other DoD agencies, including knowledge of their security requirements and technologies.
• Familiarity with agile development methodologies and SecDevOps practices.

Responsibilities

• Develop and evolve a comprehensive cybersecurity strategy that aligns with DARPA's mission, technological landscape, and evolving threat environment. Utilize your experience in mapping critical information systems to business objectives and ensuring security through process resiliency.
• Lead the identification, assessment, and mitigation of cybersecurity risks, balancing operational needs with security requirements, drawing on your experience conducting site assessments, and developing logistical plans.
• Establish and maintain security policies, procedures, and standards that meet or exceed DoD and industry best practices, leveraging your expertise in developing and enforcing cybersecurity policies for performers and military organizations.
• Ensure adherence to all relevant security regulations, including NIST RMF, DoD STIGs, and other applicable mandates, building on your experience leading successful CCRIs and achieving high compliance scores in cybersecurity inspections.
• Promote a strong security culture within SecuriGence and DARPA, fostering awareness and proactive engagement through training programs and knowledge sharing, similar to your experience implementing volunteer training programs.
• Lead and mentor a team of cybersecurity professionals, foster a high-performing and collaborative environment, drawing on your extensive experience managing teams of contractors, civilians, and military personnel in various capacities.
• Develop and implement an effective incident response plan, ensuring swift detection, containment, and remediation of security incidents, utilizing your experience in resolving critical security incidents and minimizing operational disruptions.
• Establish a robust vulnerability management program that exceeds the DOD mandate of regular scanning, assessing, and remedying vulnerabilities. Leverage your experience in managing cybersecurity vulnerabilities and implementing security controls.
• Oversee 24/7 security operations, including continuous monitoring of networks, systems, and data for anomalies and potential threats, building on your experience managing security operations centers and monitoring critical network infrastructure.
• Stay abreast of emerging threats and vulnerabilities, adapt security strategies and controls as needed, and draw on your experience in cyberspace planning and conducting threat analysis.
• Design and implement secure architectures for systems, networks, and applications, incorporating defense-in-depth strategies, utilizing your experience in engineering and stabilizing enterprise systems through virtualization and tools convergence.
• Conduct thorough security assessments and audits, identifying weaknesses and recommending corrective actions, leveraging your experience in conducting site assessments and evaluating technologies to support secure IT architectures.
• Evaluate, select, and implement security tools and technologies that enhance SecuriGence's security posture, drawing on your experience with a wide range of security tools and technologies (e.g., ACAS, AD, DNS, HBSS, ITSM, OCSP, OS Imaging, SCCM, SCOM, SIEM).
• Collaborate with engineering teams to embed security into the development lifecycle of new products and services, utilizing your experience in implementing Scrum methodologies to improve system reporting and vulnerability compliance.
• Management tasks performed under this contract shall be the primary point of contact for security and contract issues.
• The ISSM shall be responsible for ensuring that practical and effective systems are developed to meet the security and contract requirements.
• The ISSM shall also be responsible for ensuring the quality and timeliness of the work performed, resulting in process improvements that result in cost effectiveness and savings for the Government.
• The ISSM shall provide oversight for contractual, project management, technical, and security actions on behalf of the Contractor.
• The Security group, consisting of the Program Manager and Contractor-designated personnel, is ultimately responsible for all security, programmatic, and operational requirements as identified within this PWS.
• Other duties as assigned.

Benefits

• professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day.
• opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world.
• on-the-job learning experiences
• formal development programs
• broad range of benefits
• positive and supportive culture
• well-being programs