Special Programs Alternate Information Systems Security Manager (AISSM)

The University of Texas at Austin•Austin, TX

3d•Onsite

About The Position

The Special Programs Alternate Information Systems Security Manager (AISSM) assists in managing and overseeing all development, authorization, and compliance measures associated with ARL Classified IS operations under the security cognizance of multiple program sponsors. This role involves providing technical planning, expertise, oversight, and daily administration of security actions for a variety of classified information systems with varying degrees of complexity. The AISSM works directly with information system sponsors and sponsor ISSMs to meet federal requirements under the Risk Management Framework (RMF) and to maintain system authorizations. Responsibilities include conducting self-inspections of information system Continuous Monitoring (ConMon) compliance, verifying the duties performed by Information System Security Officers (ISSOs), and reviewing the professional auditing of Special Programs classified Information Systems at ARL:UT. The AISSM also assists the CPSO in preparing for and conducting security inspections, reviews, and evaluations, and is responsible for preparing documents, IS configuration validation, hardware/software change management, media protection, and file transfers. Developing, maintaining, and updating Plan of Action and Milestones (POA&M) documents is crucial for tracking IS security requirements. The role also involves managing user IS access and use compliance, ensuring all training requirements are met for personnel using secure information systems, and assisting in ensuring Lab-wide information security standards, policies, and practices are followed. This includes providing training and guidance to others within the laboratory on maintaining the security posture of all information systems and implementing security control requirements. Other related functions as assigned.

Requirements

Bachelor's Degree: Computer Science, Information Systems Management, or related field.
Five years of information assurance experience in Windows/ Linux systems.
Experience developing and implementing information assurance policy.
Previous experience serving as an Assistant ISSM, ISSM, or equivalent duties.
Strong communication, critical thinking, and problem-solving skills with the ability to prioritize projects.
Experience supporting various system configurations.
Experience with program management.
US Citizen.
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information at the level appropriate to the project requirements of the position.
Employment is contingent on selected applicant submitting application for access and receiving notification of eligibility within a time period specified in the job offer.
Employment must begin within 30 days of confirmation of eligibility.
Eligibility for access to classified information must continue without interruption during employment.
Employment will be contingent on selected applicant obtaining a DoDM 8570.01 compliant certification, equivalent to IAT Level II within 6 months of start date.
Continued compliant certification, equivalent to IAT Level II is required during employment.

Nice To Haves

Six years of experience in information assurance in a National Security computing environment.
Three years of experience with the Risk Management Framework methodology.
Knowledge of Classified Information System requirements and government regulations.
Experience with policy creation, documentation preparation and maintenance.
Windows and Linux Operating System knowledge.
Experience conducting security audits of information systems.
SIEM Tool Experience (Splunk, Wireshark, etc.).
Experience with vulnerability scanning tools (ACAS/Nessus, Retina, MBSA, etc.).
Possess a current DoDM 8570.01 compliant certification, equivalent to Information Assurance Technical (IAT)/Information Assurance Management (IAM) Level III (i.e. CISSP).
Eligibility for immediate access to classified information at the level appropriate to the project requirements of the position.

Responsibilities

Assist the Special Programs ISSM in providing technical planning, expertise, oversight and daily administration of security actions for a variety of classified information systems ranging in a wide degree of complexity.
Work directly with information system sponsors and sponsor ISSMs to meet federal requirements under the Risk Management Framework (RMF) and to maintain system authorizations.
Conduct self-inspections of information system Continuous Monitoring (ConMon) compliance along with the verification of the duties performed by Information System Security Officers (ISSOs).
Review and inspect the professional auditing of Special Programs classified Information Systems at the Applied Research Laboratories: University of Texas at Austin (ARL:UT), conducted by ISSOs, in order to maintain compliance with the sponsor assessment and Joint Special Access Program (SAP) Implementation Guide (JSIG).
Assist the CPSO in preparing for and conducting security inspections, reviews, and evaluations.
Prepare documents, IS configuration validation, verification/testing hardware/software change management, media protection and file transfers.
Develop, maintain, and update Plan of Action and Milestones (POA&M) documents necessary for tracking IS security requirements to achieve and maintain system authorizations.
Manage user IS access and use compliance in accordance with applicable directives.
Ensure all training requirements are met for lab personnel who utilize secure information systems.
Assist the Special Programs ISSM in ensuring that Lab wide information security standards, policies, and practices are being followed.
Closely coordinate with and provide training and guidance to others within the laboratory, on ensuring and maintaining the security posture of all information systems as well as implementing security control requirements.
Perform other related functions as assigned.