Cleared Staffing Solutions
ISSM (Information Systems Security Manager)
Cleared Staffing Solutions, Poland, New York, United States
ISSM (Information Systems Security Manager)
Veteran owned staffing agency placing TS/SCI Poly TS/SCI, Top Secret and Secret Cleared Professionals
Job Description This is a remote position.
Location: Remote with onsite visits to Oakridge,TN as needed
Job Title: Systems Security Analyst
Organization: Chief Information Security Office
Job Specialty: Cyber Security
Clearance Required: Q or TS
What You'll Do The Systems Security Analyst is responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.
Preferred Job Requirements (KSA's)
The Systems Security Analyst/Security Engineer is responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of Industrial Control System/Supervisory Control and Data Acquisition System threats, vulnerabilities, security controls and methods.
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of cybersecurity and privacy principles.
Knowledge of cyber threats and vulnerabilities.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of encryption algorithms
Knowledge of cryptography and cryptographic key management concepts
Knowledge of installation, integration, and optimization of system components.
Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
Knowledge of security system design tools, methods, and techniques.
Knowledge of software engineering.
Knowledge of the systems engineering process.
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
Knowledge of Personally Identifiable Information (PII) data security standards.
Knowledge of information technology (IT) risk management policies, requirements, and procedures.
Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
Knowledge of configuration management techniques.
Knowledge of security management.
Knowledge of developing and applying user credential management system.
Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption.
Knowledge of an organization's information classification program and procedures for information compromise.
Knowledge of countermeasure design for identified security risks.
Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
Knowledge of how to use network analysis tools to identify vulnerabilities.
Skill in designing the integration of hardware and software solutions.
Skill in developing and applying security system access controls.
Skill in evaluating the adequacy of security designs.
Skill in assessing security systems designs.
Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
Specific Requirements – Senior level experience in Security Information and Event Management (SIEM); Senior level experience as an Information System Security Manager (ISSM) and Security Control Assessments
Requires a Government clearance; Clearance Required: Q. The ability to obtain and maintain a Government clearance is required.
Position may require entry into Materials Access Areas (MAA) and participation in the Human Reliability Program (HRP). If HRP is required, candidate must complete a counterintelligence-scope polygraph, pursuant to 10CFR 709. Medical requirements may apply.
Requirements What You Can Expect Meaningful work and unique opportunities to support missions vital to national and global security
Top-notch, dedicated colleagues
Generous pay and benefits with a stable organization
Career advancement and professional development programs
Work-life balance fostered through flexible work options and wellness initiatives
Bachelor's degree in Computer Science, Information Security, Information Systems or a related field with at least two years of relevant professional experience or five years of cyber incident response experience in an enterprise network environment
Ten or more years of education and/or relevant experience may be considered to satisfy educational and years-of-experience requirements for this posting
Level 5 - PhD in a technical field and 2 to 5 years of related experience or Masters degree in a technical field and 5 to 10 years of related experience or Bachelors degree in a technical field and 10 to 15 years of related experience or Associates degree in a technical field and 15 to 20 years of related experience. Requires demonstrated in-depth knowledge and skills in a technical specialty. Recognized as an expert in their field.
#J-18808-Ljbffr
Job Description This is a remote position.
Location: Remote with onsite visits to Oakridge,TN as needed
Job Title: Systems Security Analyst
Organization: Chief Information Security Office
Job Specialty: Cyber Security
Clearance Required: Q or TS
What You'll Do The Systems Security Analyst is responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.
Preferred Job Requirements (KSA's)
The Systems Security Analyst/Security Engineer is responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security.
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of Industrial Control System/Supervisory Control and Data Acquisition System threats, vulnerabilities, security controls and methods.
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of cybersecurity and privacy principles.
Knowledge of cyber threats and vulnerabilities.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of encryption algorithms
Knowledge of cryptography and cryptographic key management concepts
Knowledge of installation, integration, and optimization of system components.
Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
Knowledge of security system design tools, methods, and techniques.
Knowledge of software engineering.
Knowledge of the systems engineering process.
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
Knowledge of Personally Identifiable Information (PII) data security standards.
Knowledge of information technology (IT) risk management policies, requirements, and procedures.
Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
Knowledge of configuration management techniques.
Knowledge of security management.
Knowledge of developing and applying user credential management system.
Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption.
Knowledge of an organization's information classification program and procedures for information compromise.
Knowledge of countermeasure design for identified security risks.
Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
Knowledge of how to use network analysis tools to identify vulnerabilities.
Skill in designing the integration of hardware and software solutions.
Skill in developing and applying security system access controls.
Skill in evaluating the adequacy of security designs.
Skill in assessing security systems designs.
Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
Specific Requirements – Senior level experience in Security Information and Event Management (SIEM); Senior level experience as an Information System Security Manager (ISSM) and Security Control Assessments
Requires a Government clearance; Clearance Required: Q. The ability to obtain and maintain a Government clearance is required.
Position may require entry into Materials Access Areas (MAA) and participation in the Human Reliability Program (HRP). If HRP is required, candidate must complete a counterintelligence-scope polygraph, pursuant to 10CFR 709. Medical requirements may apply.
Requirements What You Can Expect Meaningful work and unique opportunities to support missions vital to national and global security
Top-notch, dedicated colleagues
Generous pay and benefits with a stable organization
Career advancement and professional development programs
Work-life balance fostered through flexible work options and wellness initiatives
Bachelor's degree in Computer Science, Information Security, Information Systems or a related field with at least two years of relevant professional experience or five years of cyber incident response experience in an enterprise network environment
Ten or more years of education and/or relevant experience may be considered to satisfy educational and years-of-experience requirements for this posting
Level 5 - PhD in a technical field and 2 to 5 years of related experience or Masters degree in a technical field and 5 to 10 years of related experience or Bachelors degree in a technical field and 10 to 15 years of related experience or Associates degree in a technical field and 15 to 20 years of related experience. Requires demonstrated in-depth knowledge and skills in a technical specialty. Recognized as an expert in their field.
#J-18808-Ljbffr