Senior Information System Security Manager

KBR, Inc., Washington, DC

About The Position

This is a contingent position based upon contract award.

Who We Are

KBR Mission Technology Solutions delivers full life cycle professional and technical solutions that improve operational readiness and drive innovation. We help ensure mission success on land, air, sea, space and cyberspace for the Department of Defense, Intelligence Community, NASA and other federal agencies. KBR’s areas of expertise include engineering, logistics, operations, science, program management, mission IT and cybersecurity. KBR strives to create a safer, more secure and sustainable world by bringing together the best and brightest to deliver technologies and solutions that help our customers accomplish their most critical missions and objectives.

The Mission Ahead

This role is within KBR/NSS Intel division. At KBR Government Solutions, we don't just envision a world that's safer, more secure, and sustainable - we create it. Our legacy of delivering advanced full life cycle professional and technical solutions is matched only by our commitment to operational readiness and innovation. As stewards of critical missions for the Department of Defense, Intelligence Community, NASA, and other key federal entities, we excel in engineering, logistics, operations, science, program management, mission IT, and cybersecurity. United in our quest for excellence, KBR stands at the vanguard, ready to transform possibilities into impactful realities for a better tomorrow.

Position Overview

Serve as one of the Senior Information System Security Managers for classified and unclassified environments and oversee assigned ISSOs and assessment of security architecture. Work with Risk Management Framework to determine security categorization and overlay requirements for all customer information systems. Oversee security controls testing, review test results. Review network scans – apply search or sort policies to determine remediation efforts.

Requirements

  • Active TS/SCI or Q Clearance
  • Bachelor's Degree in a Technical Field
  • CISSP, CISA or CISM, and be familiar/proficient in all security domains.
  • 15 years experience in Information Assurance
  • 5 years technical experience providing network and/or system administration, information assurance security testing or evaluation duties
  • 5 years of C&A (certification & accreditation) experience with DCID 6/3, ICD-503, and/or NIST Framework.
  • Knowledge of the IC, national level system security initiatives, and secure Information/Local Area Network (LAN)/Wide Area Network (WAN) technologies.
  • Experience reporting IT Security events/incidents in the time prescribed based on policies and procedures.
  • Knowledge of cloud architecture
  • Effective interpersonal and presentation skills with the ability to communicate in written and oral form; publication or presentation experiences are preferred.

Nice To Haves

  • Preferred technical experience providing network and/or system administration, and/or computer operations.
  • Knowledge of virtualization

Responsibilities

  • Manage ISSO efforts with respect to established duties
  • Serve as Derivative Classifier as required by location
  • Read and implement IA regulations and requirements per the customer’s CISO’s direction; develop and maintain managerial, operational, and technical IA skillset.
  • Comment on new NIST standards / regulations as they apply to the client environment
  • Review A&A documentation (BOE) to assure accuracy and professionalism as well as compliance with customer requirements.
  • Support development of Contingency Plan, Incident Response Plan, and Configuration Management Plan
  • Employ best practices when implementing security requirements within an information system including.
  • Manages extensive evaluations of major information security networks, prepares evaluation reports, and presents recommendations.
  • Conducts trade-off analyses of products for clients to determine optimal information security solutions.
  • Prepares remedial options and supervises correction of information security shortfalls.
  • Manage, maintain, and ensure successful implementation of Certification and Accreditation program.
  • Ensure products and services comply with all appropriate (ITSEC) certification & accreditation requirements and best practices as prescribed by the customer, local authorities.
  • Analyze scan results, and document findings for products as required to successfully complete Collateral and SCI-level security certification testing and evaluation (ST&E) as appropriate for the product.
  • Prepare security documentation in support of project tasks and as tasked for approved project requirements, which support successful completion of Collateral and/or SCI-level security testing and evaluation (ST&E) appropriate for the product, including but not limited to Authority to Operate (ATO), Authority to Test (ATT), Memorandum of Understanding (MOU), and Interconnection Security Agreements (ISA).
  • Develop/update training material, including refresher training, role-specific training, and task-specific training

Benefits

  • KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule.
  • We support career advancement through professional training and development.