Serve as a Subject Matter Expert with respect to National-level Security Policies to include ICD 503, NIST SP-800 Series, and CNSS Instruction 1253. Communicate and interact with all system stakeholders to include Senior Management and the Authorizing Official. Ensure ISS - Os and stakeholders follow all information security policies, standards, and methodologies to obtain and/or maintain security authorizations for information systems Provide daily oversight and direction to ISS - Os. Provide s... more details
We are seeking an Information Systems Security Manager (ISSM) Senior (Sr) for a prime contract that is based out of our Columbia, MD office. As the ISSM Sr, you will serve on a team that is responsible for the Authorization and Assessment process under the Risk Management Framework (RMF) for new and existing information systems and will be expected to maintain Authority to Operate compliance for all assigned systems.
The work environment is fast-paced and sometimes involves deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers. Our program includes easily available process information and support from others with similar positions across the team.
Responsibilities:
Serve as a Subject Matter Expert with respect to National-level Security Policies to include ICD 503, NIST SP-800 Series, and CNSS Instruction 1253.
Communicate and interact with all system stakeholders to include Senior Management and the Authorizing Official.
Ensure ISSOs and stakeholders follow all information security policies, standards, and methodologies to obtain and/or maintain security authorizations for information systems
Provide daily oversight and direction to ISSOs.
Provide support for program, organization, system or enclave’s information assurance program.
Provide assistance for proposing, implementing, and enforcing information systems security polices, standards and methodologies.
Provide support to the customer organization in maintaining the appropriate operational security posture for assigned systems, programs, and/or enclaves.
Provide guidance and technical expertise on all matters that impact or effect the security of the information system.
Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis.
Guide the development, update, and submission the System Security Plan and other required documentation that make up the Security Authorization Package.
Conduct configuration management for security-relevant changes to software, hardware, and firmware.
Manage and control changes to the system, as well as assessing the effectiveness of system security controls on an ongoing basis to determine system security status.
Perform and deliver security impact analyses of changes to the system or its environment of operation.
Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments.
#divergent
In-depth knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37 and familiarity with the ICD503, CNSSI1253, NIST SP800-53, etc.
Knowledge of commercial security tools and their uses.
Experience with hardware/software security implementations.
Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services.
Familiarity with security incident management, experience collaborating with Incident Response Teams, and able to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance.
Experience creating and presenting documentation and management reports.
Attendance is always critical. Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.
Must be able to communicate effectively both verbally and in writing.
Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.
Must be able to interface with individuals at all levels of the organization both verbally and in writing.
Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously.
Must work well under pressure to meet deadline requirements.
Must take and pass a drug test and background check as well as a motor vehicle records check.
DoD 8570.1 compliant IAM Level III certification, such as the GSLC, CISM, and/or CISSP (or Associate) will also be accepted.
Clearance Required:
TS/SCI w/Poly
Minimum Education:
A Bachelor’s Degree in Computer Science or IT Engineering or related field may be substituted for four (4) years of experience
12 years of related work experience in the field of security authorization.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. 20362-FMD2 (TR-FMD2) 9800 Savage Rd (Ops 1) 9840 OBrien Rd (R and E) Fort Meade, 20755
Job Abstracts is an independent Job Search Engine. Job Abstracts is not an agent or representative and is not endorsed, sponsored or affiliated with any employer. Job Abstracts uses proprietary technology to keep the availability and accuracy of its job listings and their details. All trademarks, service marks, logos, domain names, and job descriptions are the property of their respective holder. Job Abstracts does not have its members apply for a job on the jobabstracts.com website. Additionally, Job Abstracts may provide a list of third-party job listings that may not be affiliated with any employer. Please make sure you understand and agree to the website's Terms & Conditions and Privacy Policies you are applying on as they may differ from ours and are not in our control.
Any time you conduct a search, the system shows you job matches, ranked by their Relevance Score (RS).
The score is calculated by a proprietary algorithm that uses Intelligent Machine Learning.
The Relevance Score tells you how well the job opportunity matches your search term or terms.
When not logged in, the system is limited to one search term. Scores for single term matches are usually lower.
When you register, log in, and set up multiple terms prioritized by importance, the jobs found for you will receive a much higher Relevance Score.