Information Systems Security Manager (ISSM)

Information System Security Manager (ISSM)

We are currently recruiting for an Information System Security Manager (ISSM) who will be take responsibility for classified programs Cybersecurity/Risk Management Framework (RMF) posture in accordance with government directives and program requirements. In this significant and dynamic position, you will interface directly with the government cognizant security agency (CSA) and collaborate with other Cybersecurity professionals, Security professionals, System Administrators, engineering community, and other government customers on overall compliance and configuration change management.

***No Relo

***Salary commensurate with experience.

Responsibilities:

• Assists the FSO, CPSO and Computer Incident Response Team (CIRT) in data spill incident response.
• Coordinate with program/project stakeholders, Cybersecurity staff (other ISSMs, ISSOs, ISSEs), the Facility Security Officer (FSO), Contractor Program Security Officer (CPSO), and other Security and IT team members to define, implement and maintain an acceptable information systems security posture.
• Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis.
• Maintain thorough understanding of NIST 800-53 controls, determine controls applicable to the application, and documents control implementation in the SCTM.
• Manages and maintains Continuous Monitoring (ConMon)/Plan of Action and Milestones (POA&M) reports.
• Monitor cybersecurity compliance by performing periodic self-inspections, tests, and reviews of information systems to ensure that workstations/servers are operating as authorized/accredited
• Perform other tasks as assigned by manager/supervisor.
• Performs Assessment and Authorization (A&A) activities such as information system certification testing of required configuration controls and preparing/maintaining various documentation such as: Standard Operating Procedures (SOP), System Security Plan (SSP), Risk Assessment Report (RAR), Security Controls Traceability Matrix (SCTM), etc.
• Responsible for security sustainment activities including (but not limited to): hardware change management, software change management, account management, media protection, user interface, file transfers, etc.
• Responsible for the Cybersecurity program as stipulated by various US Government requirements including (but not limited to): Joint Special Access Implementation Guide (JSIG), National Industrial Security Operating Manual (NISPOM), and the DCSA Assessment and Authorization Process Manual (DAAPM).
• Supervisor for assigned Information System Security Officers (ISSO) supporting accredited networks.

Qualifications:

Requirements:

• Ability to effectively prioritize multiple projects.
• Ability to work with people in a team environment and deal effectively with changing project priorities.
• Active Top Secret security clearance with the ability to obtain SAP and SCI access.
• Demonstrated strong critical thinking and problem-solving skills.
• Detail oriented and self-motivated.
• DoD 8570 IAM Level III certification (CISA, CISM, CISSP, etc.) or the ability to obtain within 6 months upon being hired.
• Excellent communications skills.
• Experience with configuration/certification and auditing/analysis of Windows/Linux operating systems in a Peer-to-peer, LAN & WAN network environment.
• Familiarity/understanding using authorization/accreditation databases (eMASS, Xacta, etc.).
• Strong customer service skills
• Three (3) to five (5) years experience as an ISSM implementing NISPOM Chapter 8, DAAPM, ICD503 and/or JSIG IS requirements.

Why is This a Great Opportunity:

This is a growing company that continues to exceed in it's space. Great company benefits, highly competitive pay and a strong collaborative work environment.