Security Manager - ISSM

About The Position

Requirements

• Bachelor’s Degree in applicable discipline, additional experience may be substituted for the degree.
• The ideal candidate will have 3-10 years’ experience as an ISSM (Information Systems Security Manager)
• Must have an active DoD security clearance at the Secret level or able to obtain one.
• Experience with the system security engineering lifecycle for DAF programs: The understanding how security is integrated into the acquisition process, from requirements definition to testing and deployment.
• Experience with DoD/DAF Cybersecurity requirements and Risk Management Framework authorization processes.
• Experience executing cybersecurity incident response processes and reporting requirements.
• Experience with the Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS), and endpoint security tools (e.g., ESS/MS Defender Suite).
• Experience completing and reporting on cybersecurity continuous monitoring requirements to include implementing and monitoring Security Technical Implementation Guide (STIG) requirements.
• Must have a strong background as a systems administrator.
• Must be able to communicate effectively with both technical and non-technical audiences.

Nice To Haves

• An active Top Secret clearance

Responsibilities

• Provide advice and assistance services in support of the implementation of cybersecurity safeguards while developing, coordinating, and implementing short- and long-term strategies during acquisition program development.
• Perform, assess, write, manage, and/or maintain Authority to Operate (ATO) and Security Technical Implementation Guides (STIG) credentials while interpreting and integrating all applicable policies, instructions, and procedures according to appropriate Security Classification Guides (SCGs)
• Provide advice and assistance services by ensuring the confidentiality, integrity, and availability of classified ISs and data using Air Force approved network engineering practices, information security standards, approved industry best practices, and by employing approved new technologies.
• Advise and assist the Government in performing initial and recurring Authorization of systems or networks at the appropriate protection level as directed by the appropriate cognizant authority.
• Develops and maintains essential security documentation, including: System Security Plan (SSP): A comprehensive document that describes the security controls implemented on the system. Security Assessment Report (SAR): Documents the results of security assessments and identify vulnerabilities. Plan of Action and Milestones (POA&M): Tracks the progress of remediating vulnerabilities and implementing security controls.
• Plays a vital role in the A&A process, which is the process of obtaining authorization to operate (ATO) a system.
• Ensures that the information system is configured securely and that all changes are properly authorized and documented.
• Manages access control to the information system, ensuring that only authorized users have access to sensitive data.
• Identifies, assesses, and mitigates vulnerabilities in the information system.
• Works closely with other cybersecurity professionals, system administrators, program managers, and other stakeholders to ensure that the information system is secure.

Benefits

• Qualis LLC is committed to hiring and retaining a diverse and talented workforce who can contribute to the mission and vision of the Company.
• Our employees are our greatest asset and we promote a positive work environment, teamwork, professional growth, innovation, community involvement, flexible scheduling and a family-friendly work environment.
• Equal Opportunity Employer/M/F/Vet/Disabled and a Participant in E-Verify