Information System Security Manager (Issm)

Caci International Inc. Austin , TX 78759

Posted 2 months ago

Job Description:

What You'll Get to Do:

Under limited direction, the Information Systems Security Manager (ISSM) is primarily responsible for the development, administration and management of information systems and security procedures for company and customer systems and networks supporting multiple customers.

The ISSM will be responsible for a portfolio of programs potentially spalling Collateral, SCI, and SAP/SAR levels. The candidate will support information system life cycle activities from rapidly establishing systems to support classified proposals, to scoping systems for new programs and preparing Risk Management Framework packages, to regular maintenance, support and upgrades of systems during program execution, to program close-out and de-certification activities.

More About this Role:

Duties and Responsibilities:

  • Responsible for ensuring Information System Compliance with the potential to span multiple business areas or programs.

  • Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.

  • Maintain thorough understanding of NIST 800-53 controls, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM).

  • Monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.

  • Communicate and coordinate Information Systems Security policy across their organization and work with government agencies to obtain rulings, interpretations, and acceptable deviations for compliance with regulations.

  • Establish, document, implement, and monitor the IS Security Program and related procedures for the facility and ensure compliance with IS security requirements.

  • Prepare and maintain Systems Security Plans (SSP) which accurately reflect the installation and security provisions of the system.

  • Ensure that each SSP has been implemented, that the specified security controls are in place and properly tested, and that the IS in functioning as described in the SSP.

  • Evaluate proposed changes or additions to the SSP and collaborate with customers for systems approvals.

  • Utilize automated tools to document certification and accreditation requirements.

  • Conduct on-going security reviews and tests for information systems to periodically verify that security features and operating controls are functional and effective.

  • Ensure that periodic self-inspections of the facility's IS Program are conducted as part of the overall facility self-inspection program.

  • Ensure the development, documentation and presentation of IS security education, awareness, and training activities for facility management, IS personnel, users, and others as appropriate.

  • Ensure personnel are trained on the IS's prescribed security restrictions and safeguards before they are initially allowed to access a system.

  • Identify and document unique local threats/vulnerabilities to IS.

  • Report IS security incidents to the CSA. Ensure action is taken when an incident/vulnerability has been discovered.

You'll Bring These Qualifications:


  • BS/BA + minimum 8 years of related work experience or equivalent


  • Experience as an ISSM/ISSO implementing NISPOM Chapter 8, JAFAN 6/3, DCID 6/3, ICD 503, and/or JSIG IS requirements in a SAP/SCI environment.

  • Experience developing IS security plans, policy and procedures for Local Area Network (LAN) Information Systems and Wide Area Network (WAN) Information systems

  • Experience with both Windows and Linux operating environments.

  • Must be able to obtain a Top Secret government security clearance.

Required Skills:

  • ISSM experience on Special Access Programs (SAPs)

  • Working knowledge with the Risk Managed Framework (RMF)

  • Familiarity conducting vulnerability scans.

  • Ability to draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, SCTM)

Desired Certifications:

  • CISSP Certification (Required)
  • Security+

What We Can Offer You:

  • We've been named a Best Place to Work by the Washington Post.

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

  • We offer competitive benefits and learning and development opportunities.

  • We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.

  • For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.

Job Location


CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Principal Industry Specialist Information Security

Amazon.Com, Inc.

Posted 2 weeks ago

VIEW JOBS 5/19/2020 12:00:00 AM 2020-08-17T00:00 Amazon Information Security is a high visibility team that solves security challenges at a massive scale. We are looking for those who are ready to take on a lead role in addressing security issues across one of the largest and diverse companies in the world. Security issues at such scale and speed require a passion for defining and implementing robust solutions. The InfoSec Engagement Team is looking for a focused Principal Industry Specialist with strong technical skills, problem-solving abilities, and customer obsession. The Industry Specialist will lead efforts to identify and address security concerns for Amazon in India across its existing partner teams such as Corporate Development, Amazon Subsidiaries, Information Security, and Business Line Security Teams (Federated Security Teams - FSTs). The ideal candidate would have excellent communication skills, the ability to influence stakeholders by creating win-win solutions, and the desire to be an individual contributor in securing Amazon's global environment. We are looking for an individual that can lead technical initiatives, build and maintain strategic relationships with internal and external partners, define and implement repeatable processes and deliver results against Amazon's dynamic security landscape. Joining the Information Security team provides the unique challenge and opportunity to solve security issues across a diverse set of global businesses. The ideal candidate will draw upon exemplary project management capabilities, critical thinking, problem-solving skills, and a passion for creating reliable, maintainable, and secure solutions. The candidate should be open to new challenges, proficient at multi-tasking, innovative, self-directed, and a great team player. Candidates should drive continuous process improvement and collaborate effectively with cross-functional business and security teams to solve problems and implement solutions. The candidate will interact with a broad cross-section of the Amazon organization, spanning a wide range of technologies. Key Responsibilities include: * Lead initiatives aimed at identifying and eliminating security risks for Amazon and its partner teams such as Corporate Development, Amazon Subsidiaries, and Business Line Security Teams * Manage the full life cycle of day-to-day security integration activities including coordination of detailed functional plans, communication with key stakeholders, and issue resolution. Create awareness of cross- functional inter-dependencies and establish prioritization for plan execution to minimize disruption on daily operations. * Participant in the Mergers and Acquisitions (M&A) process through leading security due-diligence efforts and working with cross-functional teams across global organizations * Lead internal and/or third-party security assessment, architecture review, and penetration or other testing of the target organization and develop integration plans to include remediation of identified weaknesses and/or implementation of compensating controls * Lead ambiguous and undefined problems to resolution in the face of uncertainty * Demonstrate the ability to provide both structured and creative thinking in a dynamic, evolving, multi team-based environment * Demonstrate the ability to communicate effectively at multiple levels of management, building trust across the organization, and demonstrating discretion with sensitive information * Show ownership and leadership skills in coordinating projects across multiple teams, driving them to successful conclusion while building strong, lasting relationships with both internal and external customers * Be comfortable working in a fast-paced, ever-changing environment while driving teams to complete goals * Demonstrate the ability to break abstract goals into attainable, measurable work items Basic Qualifications * Bachelor's degree in Information Security, Computer Science, Risk Management, Engineering, Math, Statistics or related discipline, or 15+ years' equivalent technology experience * Minimum of 10 years of industry experience with a proven track record of delivery following Project Management principles * 10+ years of executive communication. Effective written and oral communication with multiple levels of leadership involving both business and technical sides of the business * 5+ years working in a technical role with a solid grasp of networking and security fundamentals * Minimum of 5 years of experience managing the deployment of information security solutions at scale * Ability to effectively coordinate between technical teams and business stakeholders * Meets/exceeds Amazon's leadership principles requirements for this role * Meets/exceeds Amazon's functional/technical depth and complexity for this role * Ability to travel 25% of the time Preferred Qualifications * Excellent communication skills and the ability to work well in a team * An entrepreneurial spirit with the ability to drive innovation independently * Maturity, judgment, negotiation/influence skills, analytical skills, and leadership skills * Strong customer focus, ownership, sense of urgency and drive * Familiarity with web services, multi-tiered systems, complex architectures, workflow modeling and enterprise application integration * Passion to make things better and resourceful, solutions-based approach to partnership * Security-related certifications (i.e. CISSP, CISA) * Possess an understanding of core information security principles and associated risk management principles * Have extensive experience with of process improvement, team building, and strategic development * Experience with large enterprise environments * Experience with AWS products and services * Experience with cross-organizational collaboration and negotiation Amazon.Com, Inc. Austin TX

Information System Security Manager (Issm)

Caci International Inc.