ZipRecruiter
Information System Security Manager (ISSM)
ZipRecruiter, San Diego, California, United States, 92189
Job Description: The Information Systems Security Manager (ISSM) is responsible for creating, implementing, and managing a cybersecurity program, focusing on protecting information systems and data through policy development, risk assessment, security control implementation, incident response, and ongoing monitoring.
Key duties include developing and enforcing security policies, conducting risk assessments, designing security controls, managing incident response, and ensuring compliance with relevant standards and regulations.
Key Responsibilities
Administer and maintain cloud security posture management (CSPM) and vulnerability management platforms including Qualys, CrowdStrike, and Bitsight. Design, build, and operate CrowdStrike solutions across cloud and on-prem environments to enhance threat visibility, risk identification, and vulnerability remediation. Information System Program Management. Develop, implement, and maintain system security policies, plans, and procedures in alignment with RMF, NIST 800 publications, DAAPM, and NISPOM requirements. Develop and maintain security architecture and security policies, principles, and standards. Develop and validate baseline security configurations for operating systems, applications, and networking equipment. Manage the system lifecycle management process, including developing and maintaining security plans and documentation. Perform and document risk assessments; manage POA&M’s with stakeholders to identify weaknesses, mitigation actions, and timelines; enforce configuration management and assess system changes for security impact. Knowledge of current and emerging threats/threat vectors. Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). Knowledge of penetration testing principles, tools, and techniques. Participate in security investigations and compliance reviews, as requested by internal or external auditors. Implement continuous monitoring strategies; conduct regular audits and assessments to ensure controls remain effective and vulnerabilities are addressed promptly. Monitor for security incidents and vulnerabilities; manage incident response, system recovery, and reporting processes to restore security safeguards quickly and accurately. Provide second- and third-level support and analysis during and after a security incident. Assist security administrators and IT staff in the resolution of reported security incidents. Develop and implement system security training and awareness program for all roles; brief users on security responsibilities and ensure training completion before access. Communicate regularly with stakeholders: FSO, SMO, managers, users, DCSA. Provide backup IT support when required. Oversee ISSO’s under their purview to ensure they follow established IS policies and procedures. Assume ISSO responsibilities in the absence of the ISSO; maintain required IA certifications. Ensure System Administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks. Skills, Knowledge, and Expertise
Active DoD Secret Security Clearance. Bachelor’s degree in a related discipline or equivalent work experience. Five (5) years of experience in one or more of the following areas (e.g., eMASS support, policy creation, vulnerability scanning, analysis and patching, ISSO, SA, or other cybersecurity roles). Strong understanding of RMF, DAAPM, NIST 800 series publication, CMMC. Experience with RMF tools and applications (STIG’s, SCAP, eMASS). Excellent written and verbal communication skills. Benefits
What’s in it for you on Day 1: Medical, dental, and vision insurance plans. Prescription Drug Plans. Basic Life Insurance. 401k plan with company match. Tuition Reimbursement Program. Employee Referral Program. PTO and Paid Sick Leave. Paid Holidays. Exciting Onsite Perks: Free coffee available at our cafeteria. Employee Appreciation Events. Knowles is committed to providing a competitive and fair total compensation package for all employees. The starting pay for this role is targeted to be between $75,000 and $90,000 per year. Equal Opportunity Statement:
Knowles Precision Devices prohibits pay discrimination and discrimination of any kind based on race, color, religion, sex, national origin, age, disability, veteran status, marital status, sexual orientation, gender identity, or any other legally protected status.
#J-18808-Ljbffr
Administer and maintain cloud security posture management (CSPM) and vulnerability management platforms including Qualys, CrowdStrike, and Bitsight. Design, build, and operate CrowdStrike solutions across cloud and on-prem environments to enhance threat visibility, risk identification, and vulnerability remediation. Information System Program Management. Develop, implement, and maintain system security policies, plans, and procedures in alignment with RMF, NIST 800 publications, DAAPM, and NISPOM requirements. Develop and maintain security architecture and security policies, principles, and standards. Develop and validate baseline security configurations for operating systems, applications, and networking equipment. Manage the system lifecycle management process, including developing and maintaining security plans and documentation. Perform and document risk assessments; manage POA&M’s with stakeholders to identify weaknesses, mitigation actions, and timelines; enforce configuration management and assess system changes for security impact. Knowledge of current and emerging threats/threat vectors. Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). Knowledge of penetration testing principles, tools, and techniques. Participate in security investigations and compliance reviews, as requested by internal or external auditors. Implement continuous monitoring strategies; conduct regular audits and assessments to ensure controls remain effective and vulnerabilities are addressed promptly. Monitor for security incidents and vulnerabilities; manage incident response, system recovery, and reporting processes to restore security safeguards quickly and accurately. Provide second- and third-level support and analysis during and after a security incident. Assist security administrators and IT staff in the resolution of reported security incidents. Develop and implement system security training and awareness program for all roles; brief users on security responsibilities and ensure training completion before access. Communicate regularly with stakeholders: FSO, SMO, managers, users, DCSA. Provide backup IT support when required. Oversee ISSO’s under their purview to ensure they follow established IS policies and procedures. Assume ISSO responsibilities in the absence of the ISSO; maintain required IA certifications. Ensure System Administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks. Skills, Knowledge, and Expertise
Active DoD Secret Security Clearance. Bachelor’s degree in a related discipline or equivalent work experience. Five (5) years of experience in one or more of the following areas (e.g., eMASS support, policy creation, vulnerability scanning, analysis and patching, ISSO, SA, or other cybersecurity roles). Strong understanding of RMF, DAAPM, NIST 800 series publication, CMMC. Experience with RMF tools and applications (STIG’s, SCAP, eMASS). Excellent written and verbal communication skills. Benefits
What’s in it for you on Day 1: Medical, dental, and vision insurance plans. Prescription Drug Plans. Basic Life Insurance. 401k plan with company match. Tuition Reimbursement Program. Employee Referral Program. PTO and Paid Sick Leave. Paid Holidays. Exciting Onsite Perks: Free coffee available at our cafeteria. Employee Appreciation Events. Knowles is committed to providing a competitive and fair total compensation package for all employees. The starting pay for this role is targeted to be between $75,000 and $90,000 per year. Equal Opportunity Statement:
Knowles Precision Devices prohibits pay discrimination and discrimination of any kind based on race, color, religion, sex, national origin, age, disability, veteran status, marital status, sexual orientation, gender identity, or any other legally protected status.
#J-18808-Ljbffr