The Information Systems Security Manager provides technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems.
Candidates must already possess a current and active TS/SCI with Poly clearance to be considered for this position
Responsibilities include, but are not limited to the following:
- Designs, develops and implements security requirements within an organizations business processes.
- Prepares documentation from information obtained using accepted guidelines such as RMF (Risk Management Framework).
- Prepares test plans.
- Provides assessment and authorization (A&A) support in the development of security and contingency plans and conducts complex risk and vulnerability assessments.
- Analyzes policies and procedures against Federal laws and regulations and provides recommendations for closing gaps.
- Develops and completes system security plans and contingency plans.
- Recommends system enhancements to improve security deficiencies.
- Develops, tests and integrates computer and network security tools.
- Secures system configurations and installs security tools, scans systems in order to determine compliancy and report results and evaluates products and various aspects of system administration.
- Conducts security program audits and develops solutions to lessen identified risks.
- Develops strategies to comply with privacy, risk management, and e-authentication requirements.
- Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements.
- Evaluates, develops and enhances security requirements, policy and tools.
- Provides assistance in computer incident investigations.
- Performs vulnerability assessments including development of risk mitigation strategies.
- Experience with accreditation process’ (e.g. NIST800-53, ICD503)
- Candidate shall be able to demonstrate hands on experience through accreditation tools (e.g., Xacta, Nessus, AppDetective, WebInspect)
- Strong understanding of IT systems
- Candidate will ideally have professional certifications (e.g., CISSP, Security+)
- Candidate shall demonstrate experience working with and across teams and handling multiple projects at once.
- Demonstrate strong communication skills
- Candidate shall demonstrate understanding of strong security practices and working with Security Officers
- Requires 10 to 12 years with BS/BA or 8 to 10 years with MS/MA or 5 to 7 years with PhD.
We are an Equal Opportunity/Affirmative Action Employer.
We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law. Equal Opportunity Employer Minorities/Women/Vets/Disabled.