C-130H Cybersecurity/ Information Technology Manager

CAE Little Rock, AR 72215

Posted 2 months ago

Role and Responsibilities

Summary

Responsible for the implementation and management of the C-130H Aircrew Training System (ATS) cybersecurity, physical security, and Information Technology (IT) programs. The primary role of the candidate is to manage and implement the Risk Management Framework (RMF) and ensure compliance with Department of Defense Instructions 8500.01 Cybersecurity and 8510.01 RMF for assessment and authorization of the C-130H ATS. Develops and implements security policy and procedures. Advises senior contractor and government management on all aspects of security and compliance with the National Industrial Security Program (NISP), National Industrial Security Program Operating Manual (NISPOM), National Institute of Standards and Technology (NIST) Special Publication 800-37 Risk Management Framework (RMF), Special Security Agreement (SSA), Department of Defense Instructions (DoDI) 8500.01, 8510.01, AFI 17-101, and other federal regulations.

Essential Duties and Responsibilities

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Oversees the development, documentation, implementation, operation, and maintenance of the physical and cybersecurity programs for the C-130H Aircrew Training System

  • Assess and implement National Institute of Standards and Technology (NIST) Special Publication 800-53 (Rev. 4) operational, management and technical security controls.

  • Document compliance/non-compliance of security controls in the Enterprise Mission Assurance Support Service (eMASS) to support assessment and authorization packages

  • Collect and maintain all required cybersecurity documentation (compelling evidence/artifacts) for the security authorization package to maintain an Authorization to Operate (ATO)

  • Assist with developing or updating Information and Physical Security related plans, procedures, work methods and documentation

  • Establishes a proactive reporting system for non-compliance, intrusion or abuse of information security procedures within classified areas; investigates and recommends corrective actions for violations

  • Direct the contractor portion of a System Security Plan (SSP) in support of maintaining an Authorization to Operate (ATO)

  • Lead CAE's C-130H ATS Cybersecurity program, including all administration and execution efforts under the Risk Management Framework (RMF)

  • Sustain and administer the cybersecurity program within C-130H ATS in accordance with DoD Instructions 8500.01 Cybersecurity and 8510.01 Risk Management Framework.

  • Design, write and audit procedures for compliance with handling, marking, access control, auditing, and logging actions as specified in NISPOM and the System Security Plan (SSP) for accredited systems

Supervisory Responsibilities

  • Provide oversight, direction, and training to delegate Information Assurance (IA) representatives at each of the C-130H sites.

IAM-II Requirements DoD 8570.01-M

M-II.1. Develop, implement, and enforce policies and procedures reflecting the legislative intent of applicable laws and regulations for Network Equipment (NE).

M-II.2. Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.

M-II.3. Develop NE security requirements specific to an IT acquisition for inclusion in procurement documents.

M-II.4. Recommend resource allocations required to securely operate and maintain an organization's NE IA requirements.

M-II.5. Participate in an IS risk assessment during the assessment and authorization (A&A) process.

M-II.6. Develop security requirements for hardware, software, and services acquisitions specific to NE IA security programs.

M-II.7. Ensure that IA and IA-enabled software, hardware, and firmware comply with appropriate NE security configuration guidelines, policies, and procedures.

M-II.8. Assist in the gathering and preservation of evidence used in the prosecution of computer crimes.

M-II.9. Ensure that NE information system (IS) recovery processes are monitored and that IA features and procedures are properly restored.

M-II.10. Review IA security plans for the NE.

M-II.11. Ensure that all Information Assurance Management (IAM) review items are tracked and reported.

M-II.12. Identify alternative functional IA security strategies to address organizational NE security concerns.

M-II.13. Ensure that IA inspections, tests, and reviews are coordinated for the NE.

M-II.14. Review the selected security safeguards to determine that security concerns identified in the approved plan have been fully addressed.

M-II.15. Evaluate the presence and adequacy of security measures proposed or provided in response to requirements contained in acquisition documents.

M-II.16. Monitor contract performance and periodically review deliverables for conformance with contract requirements related to NE IA, security, and privacy.

M-II.17. Provide leadership and direction to NE personnel by ensuring that IA security awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities.

M-II.18. Develop and implement programs to ensure that systems, network, and data users are aware of, understand, and follow NE and IA policies and procedures.

M-II.19. Advise the Authorizing Official (AO) of any changes affecting the NE IA posture.

M-II.20. Conduct an NE physical security assessment and correct physical security weaknesses.

M-II.21. Help prepare IA assessment and authorization documentation.

M-II.22. Ensure that compliance monitoring occurs, and review results of such monitoring across the NE.

M-II.23. Obtain and maintain IA baseline certification appropriate to position.

Qualifications and Education Requirements

  • Experience with NIST Special Publication (SP) 800-37 Guide for Applying the Risk Management Framework and NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations.

  • Ability to write System Security Plans (SSP) including classified portions, acceptable to Authorizing Official and compliant with all applicable DOD Directives and Instructions.

  • Ability to establish and participate in Integrated Product Teams and provide IS security considerations and planning to program management and engineering.

  • Travel for IA and PIT assessment tasks.

  • Applicant will be subject to a US government investigation for access to classified information and must meet the eligibility requirements to obtain/maintain the required security clearance. (Secret with TS eligibility preferred). This position also requires eligibility for special access qualification: SCI, COMSEC SCI, NATO and third party classified that may be program specific.

  • Thorough knowledge and experience with the NISPOM, DOD security related instructions and directives, specific services' security related regulations required.

  • Extensive experience with hardware/software platforms to include Windows, Linux, UNIX, preferred.

  • Military service, military environment familiarity, customs/protocol experience preferred.

  • Ability to communicate, interact and collaborate with management, executive personnel and military personnel including senior officer levels required. Detail oriented; work with minimal supervision, analytical and problem solving capability.

  • B.S. degree in Computer Science, Computer Engineering, Information Technology, Electrical Engineering or other technical equivalent, Master's degree in Cybersecurity desired.

  • Five years directly related experience in implementation of DOD RMF security requirements and contractor/government information security. USAF experience highly desired.

  • DoD 8570.01-M Information Assurance Management (IAM) Level II Approved Baseline Certification (CAP, GSLC, CISM, CASP CE, or CISSP).

  • Must maintain IAM required Certification(s).

  • Must attend IA Continuous Education or Sustainment Training (120 hours within 3 years) throughout employment.

  • Must have excellent oral and written communication skills.

Language Skills

  • Excellent executive presence including oral and written communication skills.

  • Must be able to communicate effectively to all levels of management, including succinctly delivering specialized knowledge to assist decision makers.

  • Must be able to converse in and understand legal, business, merger/acquisition and DOD contract specialized language.

Mathematical Skills

  • Ability to assist in development of and adherence to complex budgetary process.

  • Experience preparing budgets, tracking actuals against budget and managing assets to completion at or under budget.

Reasoning Ability

  • Ability to develop applications and methodologies by applying principles of logical or scientific thinking to a wide range of intellectual and practical problems.

  • Strong analytical and strategic thinking skills required.

Certificates, Licenses, Registrations

DoD 8570.01-M Information Assurance Management (IAM) Level II Approved Baseline Certification

At least one certification MUST be from this list

  • CAP
  • CASP+ CE
  • CISM
  • CISSP (or Associate)
  • GSLC
  • CCISO

Security Responsibilities

Must comply with all company security and data protection / usage policies and procedures. Personally responsible for proper marking and handling of all information and materials, in any form. Shall not divulge any information, or afford access, to other employees not having a need-to-know. Shall not divulge information outside company without management approval. All government and proprietary information will be accessed and stored electronically on company provided resources.

  • Incumbent must be eligible for DoD Personal Security Clearance.

Work Environment

  • Must be able to work with minimal supervision.

  • Majority of work will be performed in an office environment.

  • Must be willing to work flexible schedule and as required.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

  • Ability to sit and operate personal computer for extended periods of time.

  • Occasional business domestic and international travel required.

  • Able to lift and carry a minimum of 35 pounds and manual dexterity to bend, stoop, squat and stand for prolonged periods

  • Must have ability to work overtime as necessary

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for their job. Duties, responsibilities, and activities may change at any time with or without notice.

CAE USA Inc. is an EOE/AA employer and gives consideration for employment to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For more information about your EEO rights as an applicant under the law, see the EEO is the Law poster.

Pay Transparency Nondiscrimination Provision

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.

Position Type

Regular

CAE thanks all applicants for their interest. However, only those whose background and experience match the requirements of the role will be contacted.

Equal Employment Opportunity

At CAE, everyone is welcome to contribute to our success. With no exception.

As captured in our overarching value "One CAE", we're proud to work as one passionate, boundaryless and inclusive team.

At CAE, all employees are welcome regardless of race, nationality, colour, religion, sex, gender identity or expression, sexual orientation, disability or age.

The masculine form may be used in this job description solely for ease of reading, but refers to men, women and the gender diverse.
