Cybersecurity – Senior Information System Security Manager (ISSM)

Boeing•Mesa, AZ

About The Position

Boeing Classified Cybersecurity is currently seeking a highly motivated Cybersecurity – Senior Information System Security Manager (ISSM) to join their team in El Segundo, CA; Huntington Beach, CA; Mesa, AZ; Seal Beach, CA; or Tukwila, WA. The selected candidate will lead the team responsible for the implementation and sustainment of DFARS/NIST SP 800-171 and Cybersecurity Maturity Model Certification (CMMC) controls for systems handling Controlled Unclassified Information (CUI), ensuring continuous compliance, risk management, and overall program management of a large portfolio of systems. The ISSM will develop and maintain security documentation (including System Security Plans and POA&Ms), coordinate audits and remediation with program stakeholders and assessors, and drive ongoing monitoring to protect CUI in accordance with DFARS 252.204-7012 and CMMC requirements.

Requirements

Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC, or CISM)
5+ years of experience with cyber security policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series
3+ years of experience implementing and sustaining Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012/National Institute of Standards and Technology (NIST) SP 800-171 controls and mapping to Cybersecurity Maturity Model Certification (CMMC) requirements
This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)
This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is required. “U.S. Person” includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee.

Nice To Haves

5+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs
5+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
5+ years of experience assessing and documenting test or analysis data to show cyber security compliance

Responsibilities

Leads a team of ISSMs and ISSOs performing cybersecurity governance work on CUI, DFARS, and CMMC systems
Performs security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards
Oversees configuration management of assigned systems; auditing systems to ensure security posture integrity
Leads staff with assessments and test/analysis data to document state of compliance with security requirements
Conducts risk assessments and investigations, execute appropriate risk mitigations, and oversee incident response activities
Conducts periodic hardware/software inventory assessments
Serves as organization spokesperson on advanced projects and programs
Acts as advisor to management and customers on advanced technical research studies
Interfaces with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements