Staff Information System Security Manager

About The Position

Requirements

• Active TOP SECRET Clearance
• Must have a Security+ CE or equivalent certification for DoD 8140 / 8570 IAT Level II or higher within 30 days of employment.
• Minimum of 8 years working as an ISSM/ISSO with at least 2 years of experience being in an ISSM role.
• Strong written communication skills including the ability to document/diagram information systems and procedures, produce RMF accreditation packages, create Cyber Security policies, and generate other security artifacts including but not limited to SCTMs, POA&Ms, SSPs, and RARs.
• Experience with Security Directives, Policies, Publications and Regulations including but not limited to the NISPOM, DAAPM, NIST 800-53, JSIG and/or ICD 503/705.
• Must have working knowledge of DoD, National and applicable service and agency security policy, manuals, and standards.
• Must have solid technical knowledge on how Microsoft Windows 11, Windows Server 2019 or newer systems are configured, hardened, and managed.
• Experience with common information system Cyber Security tools, technologies, and STIGs (Nessus/ACAS, SCAP Compliance Checker, STIG Viewer, Microsoft Group Policy, etc.).
• Strong interpersonal skills, ability to work autonomously and on a team.
• Must be able to lift 25 pounds.

Nice To Haves

• Bachelor’s Degree in a Cyber Security or Information Technology related discipline.
• Working knowledge of Red Hat Enterprise Linux 8and/or 9 security-related functions (SELinux, AIDE, firewalld, PAM configuration files, the Linux Audit system, and more).

Responsibilities

• Developing and implementing information security procedures, system security plans, SCTMs, test plans, and POA&Ms for the operation of networked and standalone classified computer systems, as well as coordinating government agency approvals/accreditations.
• Perform oversight of the development, implementation and evaluation of information system security program policy; special emphasis placed upon integration of exiting network infrastructures.
• Advising other ISSMs and ISSOs on best practices for compliant package creation, RMF processes, and other Cyber Security procedures.
• Conducting periodic system self-inspections/testing, system audits, media reviews and investigations of computer security incidents, and coordinating with other organizations for expertise as needed.
• Consulting on the design, development, integration, and analysis of classified computing systems.
• Interfacing with customers, executives, managers, and other leads to gather requirements, recommend solutions, provide status, and manage escalated Cyber-related issues/requests.
• Performing administrative control testing and validation and supporting technical control testing and validation.
• Providing customer service to end users of the information systems for cyber security-related requests and issues such as data transfers, user account management activities, software approval requests, end user cyber security training, and others as assigned.
• Assisting with product research and testing utilizing open-source resources as well as coordination with appropriate vendors.
• Generate training material for a variety of Cyber Security requirements including end user briefings, role-based training, and incident response tabletop exercises.
• Other duties, as assigned

Benefits

• Medical, Dental & Vision Insurance
• Life and Long-Term Disability (LTD)
• Vision Reimbursement
• Fitness Reimbursement
• Company-funded 5% contribution to your 401(k) retirement plan
• Company-funded 5% contribution to your Employee Stock Ownership Plan
• Continuing Education Assistance
• Flexible Scheduling
• Paid Time Off (PTO)
• Paid Parental and Bereavement Leave