The Information System Security Manager (ISSM), works under general supervision to ensure all related information assurance (IA) and Authorization & Accreditation (A&A) activities for all AFSOF C2MS occur in accordance with DoD 8500 series publications, National Institute of Standards and Technology (NIST), CJCSI 6510.01, Security Technical Implementation Guides (STIGs), and other applicable governing publications. The ISSM shall work as a member of a team to evaluate C2MS configurations, create System Security Plans, Disaster Recovery Plan, Incident Response Plans and other artifacts as required to facilitate the A&A of AFSOF systems. The ISSM shall assist system engineers and system administrators comply with the vulnerability management program and secure systems, networks and applications. The ISSM shall conduct vulnerability scans, analyze scan findings and provide recommended fix actions to systems personnel. The ISSM as part of the CyberSecurity team shall prepare, submit, and coordinate DoD Risk Management Framework (RMF) packages for all AFSOF C2MS systems. The ISSM shall be able to evaluate new and existing system designs and recommend technical changes to improve security.
Knowledge, Skills and Abilities
2-5 years of systems security/information assurance related experience.
3-4 years of technical experience in systems/network administration or software development
Demonstrated Windows and/or Linux Operating System System Administration/Engineering
Experience with eMASS, EITDR or Xacta accreditation workflow systems is preferred
RMF/NIST SP 800-53 knowledge preferred
ACAS/Nessus Vulnerability Scanner knowledge is highly desirable
Software Code Scanning / Application Security Testing / Penetration Testing is highly desirable
Incident Response or Computer Network Defense experience is highly desirable
ITIL v3 Foundation certification preferred
EMSEC/TEMPEST knowledge preferred
Excellent technical writing skills a must
Must have good communication skills and be detail oriented
Self-motivated, shows initiative, and works with minimal direction
Must be able to manage multiple tasks and projects simultaneously
Strong analytical and problem-solving skills and proactive thinking skills
Basic level familiarity with DoD, USAF, USSOCOM, and other Cyber Security Regulatory Compliance bodies
Provide technical support to system and technology owners to propose mitigation and remediation solutions
Assist with routine compliance and audit functions to ensure regulatory scanning requirements are satisfied
Document and report on processes and procedures
Stay current on security industry trends, attack techniques, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities
Sense of urgency to address new technologies being deployed: Continuous development of infrastructure and cloud security expertise to function as subject matter expert in multiple technical disciplines
A Cyber Security Team team-player contributing to policy development, RMF package accreditations, and EMSEC/TEMPEST requirements
2-5 years of related experience in data security administration.
DoD 8570 IAM II Level Certification Required (Security + CE)
CISSP, CISM, GSLC, CAP, SSCP, GIAC Security Essentials, and other security related certifications a plus
For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
#c2ms #dpost #isdcj #arma