Information Systems Security Manager

S4 Inc. Omaha , NE 68102

Posted 2 months ago

Job Title: Information Systems Security Manager

Work Location: USSTRATCOM Offutt AFB

Clearance: Current active TS+

Please note that you must be a US citizen to apply to this job posting

Education: HS Diploma/GED

Experience: 3 years of experience with DoD cybersecurity policies

Certification: Current 8570 IAT II certification or higher

Travel: Occasional

Salary: Commensurate with experience

Job Listing Number: 17004/NE19015

LCAT: Information System Assurance Manager

Specific Duties:

  • Assist the USSTRATCOM Authorizing Official (AO) ensuring the confidentiality, integrity, and availability of all assigned IT systems and programs.

  • Support/lead Assessment and Authorization (A&A) production efforts for assigned systems and coordinate A&A activities between the AO, Certifying Authority (CA), Program Manager (PM) and the Program Management Office (PMO) Security Engineering Team

  • Perform cybersecurity roles and initiate Risk Management Framework (RMF) processes for assigned systems

  • Provide cybersecurity analysis support and recommendations

  • Analyze certification evidence and artifacts, conduct risk analysis and prepare recommendations for accreditation decisions

  • Analyze plan of action and milestones and provide recommendations on operational cybersecurity issues

  • Advise and assist with system hardening and provide analysis and recommendations on optimizing cybersecurity risk mitigation strategies

  • Provide technical analysis and recommendations during technical conferences, program management reviews, and configuration management reviews

  • Oversee RMF activities for assigned systems

  • Assess systems IAW appropriate directives such as DODI 8500.2, CNSSI 1253, NIST 800.53

  • Assign supplemental controls to address specific threats or vulnerabilities to satisfy the requirements of public laws, Executive Orders, directives, policies, standards, or regulations

  • Post, edit, and maintain appropriate content on websites/portals or designated applications

  • Attend meetings and conferences as required

Skills:

Ability to work both independently and in a team environment, review complex directives and guidance and provide recommendations on system compliance with directives.

Qualifications:

  • Top Secret+ security clearance

  • Current Security+ (or higher certification)

  • Three years of experience with DoD cybersecurity policies.

To apply to this position please go to www.s4inc.com and click on Careers to complete and an employment application and to upload your resume.

S4 Inc. offers competitive salaries and a comprehensive benefits package with 401(k), and universal time off. We are an Equal Opportunity Employer-minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity. S4 participates in the E-Verify employment verification program. If you are looking for a challenging and rewarding position, then we invite you to submit your resume including salary history/requirements. Candidate selected must be able to obtain and maintain the security clearance required by the contract at all times.

If you are an individual with a disability or a disabled veteran, and need a reasonable accommodation to apply to a position, please contact Michelle Sweeney, HR Manager, by phone at (781) 273-1600 or by email at accommodation@s4inc.com.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Analyst Lead

CSG Systems Incorporated

Posted 1 week ago

VIEW JOBS 4/14/2019 12:00:00 AM 2019-07-13T00:00 15391 Information Security Analyst Lead (Open) Position Type: Full time Location(s): US.NE.Omaha.Campus Organization: Enterprise Information Security Position Details: The Lead Information Security Analyst will drive the implementation and administration of information security policies, practices, procedures, and technologies to ensure the protection of networks, systems, applications, and data. This role will be looked to as an information security technical expert and mentor within the organization, helping to ensure compliance with all security policies and standards, as well as with industry regulations and laws. This role will also lead day-to-day security operations including the full incident response life-cycle to include developing and recommending corrective action in partnership with IT and non-IT team members. Job Responsibilities: * Perform log collection, correlation, reviews, archival, retention, and monitoring of alerts for items such as, and not limited to: IPS/IDS alerts, application firewall alerts, malware alerts, change detection (FIM) alerts, rogue wireless network alerts, security system health alerts, exploit attempt alerts, etc. * Lead the security operations responsibilities for audit, compliance, and regulatory functions, including and not limited to: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), International Standards Organization 27001, state and Federal privacy laws, and general security auditing * Provide technical leadership for the vulnerability management program that includes: external and internal vulnerability scans of applications and systems, external and internal penetration tests of applications and systems, the documenting and remediating of identified vulnerabilities and exploits, routinely monitoring various communication avenues for security vulnerabilities and security patches, taking a risk based approach comparing those security vulnerabilities and security patches across the operating environment, and making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities * Provide expertise for the organization's technical incident response plan and performs, reviews, and analyzes events/incidents on an as needed basis * Mentor, train, and lead the security operations team and lead the technical implementation of security priorities * Must be able to work outside normal business hours when needed to perform diagnosis and/or implementation of product releases or changes so that normal business workflow is not interrupted * This job requires domestic and/or international travel up to 5%. Education: * College degree in Computer Science, Information Security, related field, or equivalent experience Experience: * Experience in enterprise level execution of the full incident response lifecycle * Experience performing vulnerability scanning and penetration testing both at an application and network layer * Experience maintaining information security technologies, such as: IDS/IPS, malware prevention, database activity monitoring, secure password repository, multi-factor authentication, SIEM, SPAM prevention, web content filtering, IDM/IAM, encryption and encryption key management, DLP, change detection, and vulnerability scanners Preferred * Qualified and successful candidates will have at least 5 years of experience working extensively within information security * Qualified and successful candidates will have previous experience leading and training team members Knowledge, Skills and Abilities * In-depth knowledge of TCP/IP: must be able to demonstrate technical understanding of all layers of the TCP/IP stack, including familiarity with major application-layer protocols such as HTTP, HTTPS, FTP, SFTP, FTPS, SMTP, DNS, etc.; must be able to read and understand a packet trace; must be able to read and interpret network access control lists * In-depth understanding of a variety of network and application attacks: examples include DoS/DDoS, buffer overflows, SQL injection, reconnaissance scanning, and evasive methods attackers use to avoid detection; must be able to demonstrate a minimum level of familiarity with well-known vulnerabilities and exploits * Working knowledge with IT security, compliance, and regulatory requirements, such as: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), International Standards Organization (ISO) 27001, and state and Federal privacy laws Preferred * One or more of the following certifications preferred: * Global Information Assurance Certification (GCIH, GCFA, GREM, etc) * Offensive Security Certified Professional * (ISC)2 SCCP * (ISC)2 CISSP CSG Systems Incorporated Omaha NE

Information Systems Security Manager

S4 Inc.