Get new jobs for this search by email

Journeyman Information Systems Security Manager (ISSM)

Sumaria Systems is seeking an Information System Security Manager (ISSM) to ensure system and application deliverables meet all required cyber security policies and regulations for the Technical Advisory and Assistance Services (TAAS) program at Hanscom AFB. This is a full-time position. Responsibilities: Support system/application assessment and authorization (A&A) efforts Recommend policies and procedures to ensure the reliability of and accessibility to information systems Conduct risk and vulnerability assessments and inspections of planned and installed information systems Evaluate threats and vulnerabilities to information systems Evaluate system sources of changes and provide inputs to the root cause analysis reporting Review and provide inputs to modification packages, program/system documents and support agreements updates Review system test plans and test results Perform security impact analysis on any system change Continuously monitor intelligence and open-source information for vulnerabilities Promote awareness of security issues among management Conduct systems security monitoring, evaluations, audits, and reviews Recommend systems security contingency plans and disaster recovery procedures Recommend and implement programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies Participate in network and systems (to include cryptographic) design Facilitate the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes Assess security events to determine impact and implement corrective actions Ensure the rigorous application of cybersecurity and cryptographic policies, principles, and practices throughout the system development lifecycle Author, monitor, and record system information in applicable databases Prepare and record system, security status, and portfolio management information into the Air Force Information Technology Investment Portfolio Suite (referred to as ITIPS) for FISMA; Security, Interoperability, Supportability, Sustainability, Usability (SISSU); Clinger Cohen Act; and other statutory compliance Author, review, certify, and/or maintain security management plans and RMF package artifacts including but not limited to: RMF Implementation Plans, System Security Management Plans, Information Support Plans, Program Protection Plans (PPPs), Security Risk Analyses, Security Vulnerability and Countermeasure Analyses, Vulnerability Management Plans, Common Control Packages, Security Concepts of Operations, OPSEC Plans, Authority-to-Connect guest system packages, and other system/network security related documents Support and assist external teams in the evaluation of systems Cybersecurity posture Support the development, coordination, and implementation of cybersecurity-related special projects and taskers Qualifications: Bachelor's degree in a related field Must hold one of the following certifications: CISSP, CISM, GSLC, or CCISO Experience with the certification and accreditation process Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems Knowledge of intrusion prevention and network access control tools/systems Understanding of system audit principles and security risk assessment Strong understanding of security policy advocated by the U.S. Government including the Department of Defense and appropriate civil agencies, e.g., NIST Able to perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools Knowledge of cryptography and cryptographic key management concepts General experience includes development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented Must have a solid understanding of network infrastructure and mission assurance Familiar with Federal government and DOD standards for IA/security including DIACAP, FISMA, NIST, and OMB Must have solid communications skills and be capable of working with all levels of an organization Must be a US Citizen and hold a current Top Secret clearance Travel: Minor Security Clearance Required: Top Secret Years of Experience: 3+ years experience in Cyber Security or information assurance Position Type: Full Time Work Location: Hanscom AFB, Massachusetts Top salaries paid for qualified candidates. Agency submissions are not being accepted at this time. For more information on Sumaria Systems, please visit our website at www.sumaria.com. Sumaria is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or protected veteran status.