Information Systems Security Manager

ReLogic Research•Huntsville, AL

3d•Onsite

About The Position

INFORMATION SYSTEMS SECURITY MANAGER (ISSM) ReLogic Research, Inc. is seeking a self-starting and highly-motivated individual to join our team! ReLogic’s central focus is to continually promote a culture that stimulates personal, professional, and intellectual growth, while developing elegant solutions to tough problems. We encourage teammates to be self-governing based on high standards of professionalism and judgement. This is a 100% onsite role because of the need for consistent, in-person collaboration and due to the security nature of this particular role.

Requirements

In receipt of bachelor’s degree and a minimum of 3 years of ISSM or relevant cyber security experience
Able to interface with other Information Assurance team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel and government security representatives.
Strong analytical, oral communication, and written skills
Active Secret security clearance or ability to receive and maintain clearance
Familiarity with Facility Security requirements for DoD
Experience with the development of core documentation including System Security Plans, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, and Configuration Management Plans.
Experience with the review and creation of mitigation reports from compliance and vulnerability scanning tools (Nessus, SPLUNK, SCAP, ACAS, SCC).
Experience with the development of core documentation including System Security Plans, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, and Configuration Management Plans.
Experience with the administration and oversight of Windows and Linux systems.

Responsibilities

Responsible for supporting adherence to all aspects of a rigorous Risk Management Framework (RMF) compliance program as stipulated by NISPOM/DAAPM, JSIG, ICD 503, STIGs and associated NIST publications.
To obtain and maintain Authority to Operate (ATO) approvals for various systems by adhering to the Risk Management Framework (RMF).
Assume responsibilities for leading the development, management and improvement of the IT risk practice.
Partner with managers and team members to ensure risk and compliance issues are identified, assessed, mitigated, monitored and reported.
Monitor and enforce adherence to all applicable regulatory requirements and internal corporate policies.
Lead internal issue/event investigations, coordinating risk mitigation efforts and providing compliance recommendations.
Audit and measure processes against industry standard frameworks and monitor for quality and compliance.
Oversee the effective completion of self-certification and audit activities.
Utilize and maintain a depth understanding of applications and tools required for risk execution and reporting needs.
Provide effective mentoring and guidance to other IT personnel and may assist in developing policy, standards and procedures.
Provide oversight for all classified systems compliance, and ensure the execution of our strong self-inspection program.
Assist in daily requirements of industrial security.