Watermark Risk Management International, LLC
ISSM II - Information Systems Security Manager
Watermark Risk Management International, LLC, Hampton, Virginia, United States, 23661
Overview
ISSM II - Information Systems Security Manager. Primary advisor on information systems security, supporting Special Access Programs (SAPs) for DoD agencies. Provides day-to-day security support for Collateral, SCI, and SAP activities within SAP environments.
Responsibilities
- Perform oversight of the development, implementation and evaluation of information system security program policy with emphasis on integrating existing SAP network infrastructures
- Develop and enforce operational information systems security policies and guidelines for network security based on the RMF with emphasis on JSIG authorization processes
- Advise customers on RMF assessment and authorization issues
- Conduct risk assessments and provide recommendations to DoD agency customers
- Advise government program managers on security testing methodologies and processes
- Evaluate authorization documentation and provide written recommendations for authorization to government PMs
- Develop and maintain a formal Information Systems Security Program
- Ensure training for IAOs, network administrators, and other cybersecurity personnel
- Develop, review, endorse, and recommend action on system assessment documentation by the AO or DAO
- Ensure procedures for clearing, sanitizing, and destroying hardware and media are in place
- Develop and execute security assessment plans to verify protection level requirements
- Maintain repositories for all system authorization documentation and modifications
- Institute and implement a Configuration Control Board (CCB) charter
- Develop policies for responding to security incidents and report security violations
- Ensure corrective measures are taken when incidents or vulnerabilities are discovered
- Establish data ownership, responsibilities, and access rights for each authorization boundary
- Develop and implement an information security education, training, and awareness program
- Evaluate threats and vulnerabilities to determine if additional safeguards are needed
- Assess changes in the system and environment that could affect authorization
- Ensure authorization is accomplished with valid determinations for all boundaries under your purview
- Review AIS assessment plans
- Coordinate with PSO or cognizant security official on approval of external information systems
- Conduct periodic assessments of the security posture of authorization boundaries
- Ensure configuration management for security-relevant changes and proper documentation
- Ensure periodic testing to evaluate the security posture using intrusion/attack detection and monitoring tools
- Ensure system recovery and reconstitution processes support availability goals
- Ensure all authorization documentation is current and accessible to properly authorized individuals
- Ensure security requirements are addressed during all phases of the system life cycle
- Participate in self-inspections and periodic reviews of system security to accommodate policy or technology changes
- Coordinate technical security issues outside of area of expertise with ISSE
- Provide expert research and analysis to support expanding programs related to cybersecurity and IT activities
- Develop Assured File Transfers (AFT) in accordance with JSIG
- Provide leadership, mentoring, and quality assurance for Cyber Security and IT team members
- Additional duties as assigned
Qualifications
Experience
- 7-9 years related experience
- Prior performance in roles such as ISSO or ISSM
Education
- Bachelor’s degree in a related area or equivalent experience (4 years)
Certification
- IAT Level 3 (CISSP, CASP+ CE, CCNP Security, CISA, etc.) or IAM Level 3
Security Clearance
- Active/Current TS/SCI. Must be able to obtain CI Poly.
Other Requirements
- Reports to a location which may require travel between buildings
- Must be able to lift up to 50 lbs
- Occasional sedentary work at least 50% of the time
- Demonstrated critical thinking and leadership skills; effective verbal and written communication
- Experience with SAP and DoD security activities preferred
Benefits
Competitive benefits package: 100% employer-paid medical insurance, paid leave, employee assistance program, and a 401k plan.
Watermark is an equal opportunity employer. All terms and conditions of employment are established without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, veteran status, or any other protected category under applicable federal, state, and local laws.
Location notes: Hampton, VA; Norfolk, VA; Newport News, VA; Suffolk, VA are among current posting locations. Salary ranges and postings may reflect legal requirements and third-party estimates.