Information Systems Security Manager
Galaxy Technology Hires LLC
Alexandria, VA 20598
Posted 2 months ago
Have you ever wanted to be part of a world-class engineering firm that manages to impact critical missions, while still maintaining a culture where engineers and professionals stand out and get to show off their individual skills and expertise?
Our client is a mid-sized engineering firm with more than 45 years of experience successfully supporting a large variety of Department of Defense and other government agencies' missions, mostly involving aspects of national security.
Information Systems Security Manager (ISSM)
The Information Technology (IT) Information Systems Security Team establishes and maintains the classified technology infrastructure and application support services required by our analysts to deliver timely, objective and cost-effective analysis. We design, develop, and deploy hardware- and software-based solutions in close coordination with client-facing groups while adhering to strict security protocols.
Serve as Information Systems Security Manager (ISSM) for classified computers in DoD and Intelligence Community computing environments. Maintain the day-to-day security posture and continuous monitoring of the IS, including security event log review and analysis. Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system. Maintain a thorough understanding of NIST 800-53 controls, determine which controls are applicable to the application, and document their implementation in the Security Controls Traceability Matrix (SCTM). Conduct reviews and technical inspections (as prescribed by the Lead ISSM) to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional. Assist the Lead ISSM in monitoring and resolving Plan of Action and Milestones (POA&M) items to mitigate system vulnerabilities on assigned Information Systems. Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, SCTM).
- Bachelor's degree in an IT-related field or equivalent experience.
- Experience as an ISSM implementing NISPOM Chapter 8, JAFAN 6/3, DCID 6/3, ICD 503, and/or JSIG IS requirements.
- 10+ years of experience in information assurance technology or a related area.
- Have or obtain CISSP certification per DoD Directive 8570.1 within 6 months of being hired.
- In accordance with Department of Defense (DoD) 8570.01M, must meet the proficiency and certification requirements of an IAM Level II. Acceptable certifications include CISSP, CISM, and GSLC.
- Experience in a research and development environment where software and algorithms are developed.
- Experience in developing external customer relationships and communications (e.g., DSS, NRO, DARPA, IARPA, AF, Navy)
- Proficient in Microsoft Office programs, including Word, Excel and PowerPoint, and a working knowledge of Microsoft desktop operating systems.
- Proficient in Microsoft Enterprise environment and the security architecture.
- Effective oral and written communication skills for working within a team environment.
- Ability to exercise independent judgment and to work autonomously with minimal supervision.
- Experience configuring systems for compliance with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs).
- Experience validating system compliance using the Security Content Automation Protocol (SCAP) Validation Tool.
- Experience using the Assured Compliance Assessment Solution (ACAS) for vulnerability scans, network configuration assessments, and network discovery.
- Experience administering Red Hat Linux systems in a classified computing environment.
- Comfortable managing secure Public Key Infrastructure environments.
- Maintains awareness of upcoming customer / government driven changes and challenges and suggests approaches to meet those challenges.
- Experience with DoD Risk Management Framework (RMF), NIST SP 800-53, and NISPOM.
- Excellent time management skills; keeps commitments.
- Have an active Top Secret security clearance and ability to obtain SCI and SAP/SAR clearances.
- U.S. citizenship required
- Previous experience working as a security professional in a SAP/SCI environment.
- Familiarity with conducting vulnerability scans.
- Familiarity with the ODAA Baseline Standard requirements, Joint Special Access Program (SAP) Implementation Guide (JSIG) and Risk Management Framework (RMF).
- Excellent communications skills (written & oral), ability to conduct IS user briefings.
- Bachelor's degree in one of the following, but not limited to: Information Technology, Information Assurance, Computer Information Systems, or Criminal Justice.
- Experience in PERSEC, COMSEC and/or program security roles.