Information System Security Manager (ISSM)
The Information System Security Manager will support all information systems used to process classified information and support all unclassified systems. The ISSM will work in concert with other ISSMs, ISSOs, FSOs, CPSOs and Corporate IT as needed.
- Perform duties as subject matter expert to address requirement listed in DoD 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT), NIST Special Publication 800 series, NISPOM chapter 8, ODAA Process Manual, and DoD Security Baseline Documents.
- Ability to develop and review System Security Plans (SSP) In accordance with NISPOM and other security directives is required.
- Schedule, perform and maintain records of required Information Security auditing, patching, maintenance, software/hardware changes, and scanning based on evolving threat/vulnerabilities and customer compliance requirements.
- Build, configure and maintain Windows systems in compliance with DoD cyber security requirements.
- Perform periodic self-inspections, tests and reviews of the Information Security program to ensure that systems are operating as authorized/accredited and that conditions have not changed. Ensure corrective actions are taken for identified findings and vulnerabilities.
- Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures.
- Develop and conduct test procedures for verification of Certification & Accreditation (C&A), Authorization and Accreditation (A&A), Risk Management Framework (RMF) safeguards to meet customer requirements based upon NISPOM, NISPOM Overprint, DCID 6/3, JAFAN 6/3, JSIG, ICD 503, CNSSI 1253 and related NIST publications.
- Coordinate with Facility Security Officer (FSO) and Contractor Program Security Officers (CPSO) to define, implement and maintain information security policies, strategies, and procedures.
- Excellent written and verbal presentation skills to communicate well with team members, customers and senior leadership
- Ability to multi-task to accommodate deadlines
- Preventative maintenance and monitoring on hardware (desktops, laptops, tablets, AV equipment, and peripherals) and software with appropriate upgrades and updates.
- Hardware setup, installation, moves, and disposition, including inventory maintenance.
- Software configuration and installation, including the creation, testing, and deployment of desktop images.
- Printer troubleshooting, including coordinating with vendors to assist.
- Complete assigned help desk tickets and document tickets with accurate and timely information on the request and resolution.
- User account support, including password resets, group memberships, and file share access.
- Train, support, and provide guidance to IT AIT employees
- Ensure compliance with established company security policies and accepted risk impact to the business.
- Working knowledge of Network systems, routers, switches, etc.
- Maintain IT-related documentation (e.g. installation notes, process documentation, etc.).
- Adhere to standard procedures and best practices in performing duties, including software licensing and security management.
- Excellent people skills, with experience leading and collaborating in a multi-disciplinary, diverse, and dynamic team environment.
- Outstanding work ethic and commitment to organizational success
- Proficient with Microsoft Office products
- Excellent communication skills (written, verbal, & presentation)
- Excellent attention to detail
- Security +, CISSP certification preferred
- DCID 6/3, JAFAN 6/3, DIACAP, JSIG and/or ICD 503 (a.k.a. Risk Management Framework) experience.
- Knowledge in UNIX, Linux, and Windows operating systems.
- Experience with various types of secure telephone equipment (STE).
- 10+ Years working with information systems and user support.
- 3+ years direct experience as an Information System Security Manager or Information Systems Security Officer as defined in chapter 8 of the NISPOM or comparable experience.
- 3+ years direct experience as an Information System Security Manager or Information Systems Security Officer as defined in chapter 2 of JAFAN 6/3 or comparable experience.
- High school Diploma, (Bachelor’s Degree Preferred)
- U.S. Citizenship
- Existing DoD SECRET clearance
- Ability to lift up to 40 lbs.
- Ability to travel up to 25%
- Ability to stand and walk for sustained periods of time (50%).
This is an outstanding opportunity for a highly focused, self-motivated, team player. We offer a highly competitive compensation package and excellent growth opportunity. Please send your resume and salary history/requirements to our HR Representative at firstname.lastname@example.org.