Cornell Dubilier - Manufacturer of Power Capacitors
Information System Security Manager (ISSM)
Cornell Dubilier - Manufacturer of Power Capacitors, San Diego, California, United States, 92189
Overview
Information System Security Manager (ISSM) role at Cornell Dubilier - Manufacturer of Power Capacitors. The Information System Security Manager (ISSM) is responsible for creating, implementing and managing a cybersecurity program, focusing on protecting information systems and data through policy development, risk assessment, security control implementation, incident response, and ongoing monitoring.
Responsibilities
Administer and maintain cloud security posture management (CSPM) and vulnerability management platforms including Qualys, CrowdStrike, and Bitsight.
Design, build, and operate CrowdStrike solutions across cloud and cloud-native environments to enhance threat visibility, risk identification, and vulnerability remediation.
Information System Program Management.
Develop, implement, and maintain system security policies, plans and procedures in alignment with RMF, NIST 800 publications, DAAPM, and NISPOM requirements.
Develop and maintain security architecture and security policies, principles and standards.
Develop and validate baseline security configurations for operating systems, applications, and networking equipment.
Manage the system lifecycle management process, including developing and maintaining security plans and documentation.
Perform and document risk assessments; manage POA&Ms with stakeholders to identify weaknesses, mitigation actions, and timelines; enforce configuration management and assess system changes for security impact.
Knowledge of current and emerging threats/threat vectors.
Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
Knowledge of penetration testing principles, tools, and techniques.
Participate in security investigations and compliance reviews, as requested by internal or external auditors.
Implement continuous monitoring strategies; conduct regular audits and assessments to ensure controls remain effective and vulnerabilities are addressed promptly.
Monitor for security incidents and vulnerabilities; manage incident response, system recovery, and reporting processes to restore security safeguards quickly and accurately.
Provide second- and third-level support and analysis during and after a security incident.
Assist security administrators and IT staff in the resolution of reported security incidents.
Develop and implement a system security training and awareness program for all roles; brief users on security responsibilities and ensure training completion before access.
Communicate regularly with stakeholders: FSO, SMO, managers, users, DCSA.
Provide backup IT support when required.
Oversee ISSOs under their purview to ensure they follow established IS policies and procedures.
Assume ISSO responsibilities in the absence of the ISSO; maintain required IA certifications.
Ensure System Administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks.
Qualifications
Active DoD Secret Security Clearance
Bachelor’s degree in related discipline or equivalent work experience
Five (5) years of experience in one or more of the following areas (e.g., eMASS support, policy creation, vulnerability scanning, analysis and patching, ISSO, SA, or other cybersecurity roles)
Strong understanding of RMF, DAAPM, NIST 800 series publications, CMMC
Experience with RMF tools and applications (STIGs, SCAP, eMASS)
Excellent written and verbal communication skills
Compensation and Benefits
Salary range: $75,000 - $90,000 per year (starting pay; final compensation based on experience and location)
Medical, dental and vision insurance plans
Prescription Drug Plans
Basic Life Insurance
401k plan with company match
Tutorial or Tuition Reimbursement Program
Employee Referral Program
PTO and Paid Sick Leave
Paid Holidays
Onsite perks: Free coffee and Employee Appreciation Events
Note: Equal Opportunity Statement and other legal notices are retained where applicable in accordance with company policy.