Information System Security Manager

John Galt Staffing, Inc.
Manassas, United States of America
17 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Manassas, United States of America

Tech stack

Microsoft Windows
Computer Security
Information Systems
Data Security
Linux
Information Security Management
Network Control
Legacy Systems
Vulnerability Analysis

Job description

The ISSM will adhere to all requirements as stated in the 32 CFR Part 117 NISPOM Rule, National Industrial Security Program Operating Manual (NISPOM, DoD 5220.22-M) and the Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM) The ISSM shall liaise directly with the assigned DCSA ISSP to ensure full and timely compliance with government directives and regulations The ISSM shall assist the Facility Security Officer (FSO) in the effective implementation, assessment, and management of the PSC Security Program The ISSM reports security issues to the FSO and the Insider Threat Program Senior Official (ITPSO) as applicable Establishes, documents, implements, and monitors the Information System (IS) hardware, software, security program, System Security Plans (SSPs), security education, awareness, and training activities for facility management, IS personnel, users, and others, as appropriate Coordinates IS security program with the Corporate ISSM and Information System Security Officers (ISSOs) in addition to other facility ISSMs and ISSOs Prepares and implements security documentation, and monitors the IS Security Program and related procedures to ensures facility compliance with requirements for IS Identifies and documents unique local threats and vulnerabilities; makes recommendation to risk management status and reports threat indicators into the Insider Threat process Ensures that periodic self-inspections of the facility's IS security program and accredited systems are conducted as part of the overall facility self-inspection program and that corrective action is taken for all identified findings and vulnerabilities; self-inspections are to ensure that the accredited system is operating as accredited and that accreditation conditions have not changed Develops and implements Incident Response plans, vulnerability assessments, and maintenance procedures Designates and manages the training, certification and oversight responsibilities of assigned ISSOs as applicable Monitors and provides guidance on Information Assurance and IS Security Awareness to employees through scheduled briefings, training and Monthly IS Security Newsletter Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Requirements

Must possess or be willing to obtain CISSP and applicable certifications supporting DoD Directive 8570 Experience with or have worked as one or more of the following: Information Systems Security Manager (ISSM), Information System Security Officer (ISSO), Linux administrator (Linux +), Windows administrator (all OS(s) including legacy systems), Systems Administrator, Information System Auditor, Data Security Analyst, Network Control Technician Experience with ISFO and RMF process Experience with Linux and Networking DESIRED SKILLS & REQUIREMENTS: Industrial Security Program experience Active DoD Security clearance Experience with RMF and Compliance for system compliance CISSP certification Experience with NIST 800-53 r4 Project Management and Leadership Excellent written and verbal communication skills Familiarity with OBMS and EMASS Experience implementing DISA STIGs Knowledge of SIPRNet operations at the small enclave level

Apply for this position