Description: As an Information Systems Security Manager (ISSM), you will join our Classified Cyber Security Team, supporting Department of Defense (DoD) programs to ensure classified information systems meet cyber security requirements and government directives. In this role, you will leverage your technical skills to:
Interpret the Joint Special Access Program Implementation Guide (JSIG) to determine technical Information Assurance (IA) requirements, conduct cyber risk assessment activities, including vulnerability analysis, analysis of mitigation solutions, and ensure proper security implementation of the Risk Management Framework (RMF).Develop system documentation for information system authorization, security management, and continuous monitoring of both networked and standalone information systems.Ensure that selected security controls are implemented and operating as intended during all phases of the information systems lifecycle.Provide "eyes on glass" security monitoring in accordance with DoD requirements by monitoring security infrastructure and security alarm devices for Indicators of Compromise (IOC) utilizing SIEM and cybersecurity tool sets.Perform hardware/software configuration management, data integrity containments, and investigations on IA-related security events.Coordinate with cyber systems security engineers, system architects, and developers to provide oversight in the development of secure technical solutions.Participate in the implementation of current and future security domains, including new service areas such as Cloud Computing and DevSecOps.Basic Qualifications: DoD 8570 approved baseline certification for IAM Level III or higher (i.e. CISM, CISSP (or Associate), GSLC or CCISO)Experience leveraging security tools such as Splunk, Nessus, McAfee, Trellix, Ivanti, ACAS etc.Experience as an ISSO implementing or managing cyber security requirements on classified systems under JSIG, NISPOM, ICD 503, and/or CNSSI 1253.Experience with developing, reviewing and maintaining RMF artifacts.Experience with Windows Operating Systems and Windows Domain infrastructure (i.e., Windows Server 2016, Windows 10, Group Policy Objects, Active Directory, etc.)Desired Skills: Advanced knowledge/experience in the assessment of a comprehensive cybersecurity program to include risk management, reviewing system security plans (SSP)s and associated artifacts (e.g., POAMs, etc.), identifying secure system configurations (e.g., Win10, Server2016, RHEL, etc.), reviewing system/network audits, and remediating cyber-incidents.Experience with Azure/similar cloud environments or recognized cloud proficiency (CCSP, AWS, CSA, CompTIA Cloud+, CCSK or others)Experience using cloud security tool sets (i.e. Microsoft Azure Sentinel, Azure Defender)Experience with configuration management products (i.e., Ansible, SCCM/MECM, Chef, Puppet, Blade Logic, etc.)Experience as an ISSM on multi-site or complex ISs.Security Clearance Statement: This position requires a government security clearance, you must be a US Citizen for consideration.
Clearance Level: Top Secret with Investigation or CV date within 5 years
Experience Level: Experienced Professional
Business Unit: AERONAUTICS COMPANY
Relocation Available: Possible
Career Area: Cyber Security
Type: Full-Time
Shift: First
#J-18808-Ljbffr