Peraton

Director, Information Assurance and Security

Peraton, Chantilly, Virginia, United States, 22021

Required Qualifications:
- 16 years of total professional experience
- 10+ years of experience running/leading information assurance and system management/operations in a classified environment
- Active TS/SCI clearance w/ ability to obtain polygraph
- DoD 8570 IAM Level II or III certifications (CISSP, CISM, CAP, CASP+, etc.)
- An equivalent combination of education and experience may be accepted as a satisfactory substitute for the specific education and experience listed above.
- Excellent executive-level oral and written communication skills are essential

Desired Qualifications:
- Previous ISSO, ISSM, ISSE, SCA experience in an IC environment is essential.
- Experience creating and submitting security documentation
- Excellent interpersonal and communication skills with the ability to build relationships, influence outcomes, and deliver effective presentations to a variety of audiences.
- Demonstrated ability to interact comfortably with all levels of management and actively participate on senior leadership teams.

We are seeking a dynamic, well-organized and highly motivated individual with prior relevant experience to serve as the Director of Information Assurance and Information Systems Security Manager (ISSM) of classified systems. The Director of IA will be responsible for ensuring the company’s adherence to policies, practices, and procedures of the Risk Management Framework (RMF) and Intelligence Community Directive (ICD 503), and for implementing the policies, practices, and procedures contained within. This position is within Peraton’s Office of the Chief Information Officer (OCIO) and reports directly to the VP Chief Information Security Officer (CISO). Specific responsibilities include, but are not limited to:

Roles and Responsibilities:
- Management of a team of Information System Security Managers (ISSM) and Information System Security Officers (ISSO) throughout Peraton in multiple, and in some cases remote, classified environments.
- Responsible for oversight and management of the certification and accreditation of computer networks and standalone information systems using government standards.
- Responsible for media control, virus scanning, hardware and software control, and computer security briefings.
- Support all disciplines within the security program, including PERSEC, Cybersecurity, and Insider Risk, and ensure that business needs are met.
- Work with the Senior Members of IT, Network Infrastructure Team and System Administrators to ensure all systems security procedures are being followed and audit files are being maintained and reviewed in accordance with multiple client requirements.
- Interact with internal and external customers and/or government security officials to perform security duties, address routine information security matters with employees, and handle report preparation and system security access briefings.
- Represent Peraton to provide thought leadership through professional organizations such as the CAISSWG, INSA, and ND-ISAC.
- Make sound decisions and manage all aspects of information systems security as it applies to the DOD community (NISPOM, IFSO Manual, DFARS Clause 252.204-7012, FISMA, NIST SP 800-53, NISPOM Technical Baseline, DOD 8570M).
- Conduct risk assessments on hardware intended for use by a program to determine the proper Protection Level for the IS and identify any vulnerabilities that would need mitigation.
- Prepare and implement Information System Security Plans, Protection Profiles, etc., working closely with government approval authorities to achieve system accreditation and maintain compliance for all collateral classified information systems.
- Responsible for regular AIS audits to ensure accredited systems are being operated securely and computer security policies and procedures are implemented as defined in security plans.
- Ensures personnel are trained on the IS's prescribed security restrictions and safeguards before they are initially allowed to access a system.
- Ensures the implementation of site procedures for marking, handling, controlling, removing, transporting, sanitizing, reusing, and destroying media/equipment containing classified information.