Information Systems Security Manager
About The Position
As an information systems security manager, you know how critical it is to stay ahead of evolving threats by identifying and exploiting vulnerabilities before adversaries can. At Booz Allen, you'll bring that expertise to a mission-focused team where you'll advise appropriate senior leadership or authorizing officials of changes affecting the organization's cybersecurity posture. You’ll use your understanding of cyber operations to apply emerging technologies, uncover system and network vulnerabilities, and collect and maintain data needed to meet system cybersecurity reporting, as well as ensure that security improvement actions are evaluated, validated, and implemented as required. In this role, you’ll evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed to support cyber efforts across the Army enterprise network. Your ability to ensure that cybersecurity requirements are integrated into the continuity planning, and identify alternative information security strategies to address organizational security objectives, will support the security and resilience of critical infrastructure. This is your opportunity to help advance national security through cutting-edge cyber capabilities. Join us. The world can't wait.
Requirements
- 5+ years of experience with NIST RMF policies, including continuous monitoring and information system security policies, standards, and procedures
- 5+ years of experience supporting system ATO processes and creating artifacts, control implementation details, and POA&Ms
- 3+ years of experience with National Institute of Standards and Technology (NIST) security controls, the Governance, Risk, and Compliance (GRC) security documentation tool, RMF, and security compliance processes
- Knowledge of the DoD RMF process
- Knowledge of DoD A&A processes and standards
- TS/SCI clearance
- Bachelor's degree
- IAM Level II Certification such as Certified Information Security Manager (CISM), Certified Information System Security Professional (CISSP) or Associate, CGRC, CASP+, or CompTIA Security X Certification
Nice To Haves
- Experience with the Enterprise Mission Assurance Support Service (eMASS)
- Experience using Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), or Assured Compliance Assessment Solution (ACAS)
- Experience managing the authorization status of DoD RMF from steps 1 through 6
- Ability to interface with senior leadership
- Possession of excellent verbal and written communication skills
- Master's degree
- DoD 8570 IASAE Level III Certification such as CISSP-ISSAP, CISSP-ISSEP, or CCSP Certification
Responsibilities
- Advise appropriate senior leadership or authorizing officials of changes affecting the organization's cybersecurity posture.
- Use understanding of cyber operations to apply emerging technologies, uncover system and network vulnerabilities, and collect and maintain data needed to meet system cybersecurity reporting.
- Ensure that security improvement actions are evaluated, validated, and implemented as required.
- Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed to support cyber efforts across the Army enterprise network.
- Ensure that cybersecurity requirements are integrated into the continuity planning.
- Identify alternative information security strategies to address organizational security objectives.
Benefits
- health, life, disability, financial, and retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
