Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Information Systems Security Manager

Expired Job

Galaxy Technology Hires LLC Alexandria , VA 20598

Posted 2 months ago

Have you ever wanted to be part of a world class engineering firm that manages to impact critical missions, while still maintaining a culture where engineers and professionals stand out and get to show off their individual skills and expertise?

Our client is a mid-sized engineering firm with more than 45 years of experience successfully supporting a large variety of Department of Defense and other government agencies' missions, mostly involving aspects of national security.

Information Systems Security Manager (ISSM)

The Information Technology (IT) Information Systems Security Team establishes and maintains the classified technology infrastructure and application support services required by our analysts to deliver timely, objective and cost-effective analysis. We design, develop, and deploy hardware- and software-based solutions in close coordination with client-facing groups while adhering to strict security protocols.



Job Description:

Serve as Information Systems Security Manager (ISSM) for classified computers in DoD and Intelligence Community computing environments. Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis. Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system. Maintain thorough understanding of NIST 800-53 controls, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM). Conduct reviews and technical inspections (as prescribed by the Lead ISSM) to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional. Assist the Lead ISSM in monitoring and resolving Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems. Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, SCTM)



Requirements:

  • Bachelor's degree in an IT-related field or equivalent experience.
  • Experience as an ISSM implementing NISPOM Chapter 8, JAFAN 6/3, DCID 6/3, ICD 503, and/or JSIG IS requirements.
  • 10+ years of experience in information assurance technology or a related area.
  • Have or obtain CISSP certification per DoD Directive 8570.1 within 6 months upon being hired.
  • In accordance with Department of Defense (DoD) 8570.01M, must meet the proficiency and certification requirements of an IAM Level II. Acceptable certifications include CISSP, CISM, and GSLC.
  • Experience in a research and development environment where software and algorithms are developed.
  • Experience in developing external customer relationships and communications (e.g., DSS, NRO, DARPA, IARPA, AF, Navy)
  • Proficient in Microsoft Office programs, including Word, Excel and PowerPoint, and a working knowledge of Microsoft desktop operating systems.
  • Proficient in Microsoft Enterprise environment and the security architecture.
  • Effective oral and written communication skills for working within a team environment.
  • Ability to exercise independent judgment and to work autonomously with minimal supervision.
  • Experience configuring systems for compliance with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs).
  • Experience validating system compliance using the Security Content Automation Protocol (SCAP) Validation Tool.
  • Experience using the Assured Compliance Assessment Solution (ACAS) for vulnerability scans, network configuration assessments, and network discovery.
  • Experience administering Red Hat Linux systems in a classified computing environment.
  • Comfortable managing secure Public Key Infrastructure environments.
  • Maintains awareness of upcoming customer / government driven changes and challenges and suggests approaches to meet those challenges.
  • Experience with DoD Risk Management Framework (RMF), NIST SP 800-53, and NISPOM.
  • Excellent time management skills; keeps commitments.
  • Have an active Top Secret security clearance and ability to obtain SCI and SAP/SAR clearances.
  • U.S. citizenship required

Preferred Qualifications:

  • Previous experience working as a security professional in a SAP/SCI environment.
  • Familiarity conducting vulnerability scans.
  • Familiarity with the ODAA Baseline Standard requirements, Joint Special Access Program (SAP) Implementation Guide (JSIG) and Risk Management Framework (RMF).
  • Excellent communications skills (written & oral), ability to conduct IS user briefings.
  • Bachelors degree in one of the following but not limited to: Information Technology, Information Assurance, Computer Information Systems, or Criminal Justice.
  • Experience in PERSEC, COMSEC and/or program security roles.
See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Systems Security Engineer (Isse) Current CBP BI Required Temporary Role 6 Month Project

Csra Inc.

Posted 1 week ago

VIEW JOBS 12/5/2018 12:00:00 AM 2019-03-05T00:00 Primary Location Alexandria , VA United States Job Requisition RQ27184 Category Engineering & Sciences Apply Legacy CSRA employee login CSRA provides technical support services to the Office of Acquisition (OA) of the U.S. Customs and Border Protection (CBP), the nation's largest law enforcement agency. Experienced CSRA personnel enhance CBP's proficiencies in Systems Engineering, Logistics & Sustainment, and Capabilities and Requirements Development to provide CBP's agents along our borders with the most capable systems which can affordably be procured. The team provides engineering and analytical expertise across a wide range of disciplines, meeting all DHS Systems Engineering Life Cycle mandated planning analysis and documentation; provide a full spectrum of Integrated Logistics Support; development of Operational Requirements; and conduct Operational Test & Evaluation activities. We help CBP procure the equipment and technology needed to keep the border safe and secure. Temporary role - needed through June 2019* Currently, we are seeking a Sr. Information Systems Security Engineer in Alexandria, VA. The selected candidate must currently hold or be able to obtain a CBP Background Investigation Suitability clearance, per contract requirements. So what is required of a Sr. Information Systems Security Engineer on day to day basis? There are quite a myriad of tasks and responsibilities, such as: * Implement security requirements based on laws, regulations or Presidential directives in compliance with FISMA and DHS Cyber-security initiatives * Integrate security design principles across disciplines and SELC process * Review proposed new systems, networks, software for potential security risks * Review security related product selection and implementation activities * Participate and provide security support in Vendors Source Selection process * Define the scope and level of detail for security plans applicable to the system * Identify need for changes based on new security technology and evolving threats * Analyze change requests to the system for security posture impact/updates * Review security incident response policy, manage security incident procedures * Execute duties described in DHS ISSO and DHS Security Authorization Guide * Manage and maintain system authorization status or Authority to Operate (ATO) * Perform Certification and Accreditation (C&A) to existing and new systems * Responsible for oversight and coordination of C&A activities of each system * Apply CBP Security Certification and Accreditation Process to assigned systems * Generate Security Artifacts templates for C&A artifacts requirement * Review and recommend approval on systems FIPS 199 and E-Authentication * Prepare and provide DHS formatted System Security Plan * Prepare System Owner and Information System Security Officer letters * Coordinate Security Test and Evaluation events between involved stakeholders * Participate Security Test and Evaluation process and Review ST&E report * Perform Vulnerability Assessment review and generate reports for System Owner and stakeholders Is this job the next step in your career? Are you ready to help keep America's border safe? To qualify, you must meet these basic qualifications: * Must be a US citizen * US Customs and Border Protection (CBP) suitability clearance (or ability to obtain) * Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of various operating systems (e.g. Windows, Unix, Linux, and Mac) * Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of various applications (e.g. Oracle, SQL Server, Apache, IIS) * Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of network devices (e.g. switches, routers, firewalls) * Have experience with analyzing vulnerabilities and providing guidance on secure architecture design of various applications (e.g. internal-only, publicly available) * Have experience serving as an ISSO with a federal government system, a DHS system is a plus * Ability to interface with other systems' ISSOs and provide support on multiple systems and security related issues * BS or equivalent + 5 years related experience, or MS + 3 years related experience Other qualifications include: * Knowledgeable with DHS IACS compliance tools, controls and processes * Experience conducting cybersecurity audits to ensure appropriate implementation and security compliance * Performing and providing vulnerability assessment results and recommendations * Assessing known systems vulnerabilities and verifying system hardening and patching activities to ensure compliance with applicable Security Requirements and related checklists * Working knowledge of cyber security toolsets * Experience with network and system security administration, including operating system security configuration and account management best practices for Operating Systems * Understanding of Systems Engineering requirements, specifications, and demonstrated experience implementing DoD and/or Federal IA Certification and Accreditation Processes, assessing and validating compliance with IA controls and developing and maintaining associated certification and accreditation documentation * Have detailed knowledge of the latest versions of NIST Special Publications (SP) 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, 800-60, etc. * Have experience with identification, documentation, and testing of security controls for information technology systems in accordance with the above NIST guidance * Have experience with identification of security risks (threat/likelihood/impact) to the system, networks, and organization and documenting risks for management review * Have experience with technical vulnerability scanning and secure configuration assessments, and documenting analysis of results * Ability to interface with customers of various levels, to include but not be limited to Authorizing Officials, Information System Owners, Independent Security Assessment Team and Technical system personnel * Excellent verbal/written communication skills * Excellent interpersonal skills * Able to work in a team environment * Understand Systems Engineering best practices Understand the Systems Engineering "V" complete lifecycle #cjobs #dicepost #gdjobs For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training, and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs, and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class. Post date: October 3, 2018 Location - Thoroughfare (i.e. Street address): Alexandria , VA United States Location - Thoroughfare (i.e. Street address): Information Systems Security Engineer (ISSE) - Current CBP BI required - temporary role - 6 month project CSRA October 3, 2018 CSRA provides technical support services to the Office of Acquisition (OA) of the U.S. Customs and Border Protection (CBP), the nation's largest law enforcement agency. Experienced CSRA personnel enhance CBP's proficiencies in Systems Engineering, Logistics & Sustainment, and Capabilities and Requirements Development to provide CBP's agents along our borders with the most capable systems which can affordably be procured. The team provides engineering and analytical expertise across a wide range of disciplines, meeting all DHS Systems Engineering Life Cycle mandated planning analysis and documentation; provide a full spectrum of Integrated Logistics Support; development of Operational Requirements; and conduct Operational Test & Evaluation activities. We help CBP procure the equipment and technology needed to keep the border safe and secure. Temporary role - needed through June 2019* Currently, we are seeking a Sr. Information Systems Security Engineer in Alexandria, VA. The selected candidate must currently hold or be able to obtain a CBP Background Investigation Suitability clearance, per contract requirements. So what is required of a Sr. Information Systems Security Engineer on day to day basis? There are quite a myriad of tasks and responsibilities, such as: * Implement security requirements based on laws, regulations or Presidential directives in compliance with FISMA and DHS Cyber-security initiatives * Integrate security design principles across disciplines and SELC process * Review proposed new systems, networks, software for potential security risks * Review security related product selection and implementation activities * Participate and provide security support in Vendors Source Selection process * Define the scope and level of detail for security plans applicable to the system * Identify need for changes based on new security technology and evolving threats * Analyze change requests to the system for security posture impact/updates * Review security incident response policy, manage security incident procedures * Execute duties described in DHS ISSO and DHS Security Authorization Guide * Manage and maintain system authorization status or Authority to Operate (ATO) * Perform Certification and Accreditation (C&A) to existing and new systems * Responsible for oversight and coordination of C&A activities of each system * Apply CBP Security Certification and Accreditation Process to assigned systems * Generate Security Artifacts templates for C&A artifacts requirement * Review and recommend approval on systems FIPS 199 and E-Authentication * Prepare and provide DHS formatted System Security Plan * Prepare System Owner and Information System Security Officer letters * Coordinate Security Test and Evaluation events between involved stakeholders * Participate Security Test and Evaluation process and Review ST&E report * Perform Vulnerability Assessment review and generate reports for System Owner and stakeholders Is this job the next step in your career? Are you ready to help keep America's border safe? To qualify, you must meet these basic qualifications: * Must be a US citizen * US Customs and Border Protection (CBP) suitability clearance (or ability to obtain) * Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of various operating systems (e.g. Windows, Unix, Linux, and Mac) * Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of various applications (e.g. Oracle, SQL Server, Apache, IIS) * Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of network devices (e.g. switches, routers, firewalls) * Have experience with analyzing vulnerabilities and providing guidance on secure architecture design of various applications (e.g. internal-only, publicly available) * Have experience serving as an ISSO with a federal government system, a DHS system is a plus * Ability to interface with other systems' ISSOs and provide support on multiple systems and security related issues * BS or equivalent + 5 years related experience, or MS + 3 years related experience Other qualifications include: * Knowledgeable with DHS IACS compliance tools, controls and processes * Experience conducting cybersecurity audits to ensure appropriate implementation and security compliance * Performing and providing vulnerability assessment results and recommendations * Assessing known systems vulnerabilities and verifying system hardening and patching activities to ensure compliance with applicable Security Requirements and related checklists * Working knowledge of cyber security toolsets * Experience with network and system security administration, including operating system security configuration and account management best practices for Operating Systems * Understanding of Systems Engineering requirements, specifications, and demonstrated experience implementing DoD and/or Federal IA Certification and Accreditation Processes, assessing and validating compliance with IA controls and developing and maintaining associated certification and accreditation documentation * Have detailed knowledge of the latest versions of NIST Special Publications (SP) 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, 800-60, etc. * Have experience with identification, documentation, and testing of security controls for information technology systems in accordance with the above NIST guidance * Have experience with identification of security risks (threat/likelihood/impact) to the system, networks, and organization and documenting risks for management review * Have experience with technical vulnerability scanning and secure configuration assessments, and documenting analysis of results * Ability to interface with customers of various levels, to include but not be limited to Authorizing Officials, Information System Owners, Independent Security Assessment Team and Technical system personnel * Excellent verbal/written communication skills * Excellent interpersonal skills * Able to work in a team environment * Understand Systems Engineering best practices Understand the Systems Engineering "V" complete lifecycle #cjobs #dicepost #gdjobs Alexandria , VA United States * Csra Inc. Alexandria VA

Information Systems Security Manager

Expired Job

Galaxy Technology Hires LLC