Information Systems Security Manager (ISSM) with Security Clearance
Abacus Technology Corporation
2024-11-05 18:43:04
Hanscom AFB, Massachusetts, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Job Title: Information System Security Manager (ISSM)
Job Location: Lexington, MA

Overview:
Abacus Technology is seeking an Information System Security Manager (ISSM) to act as a technical advisor for security issues for the Command, Control, Communication, Intelligence and Networks (C3I&N) Directorate at Hanscom AFB. This is a full-time position.

Major Duties & Responsibilities:
• Maintain the overall security posture of the systems within their organization, and be accountable for the implementation of DoD 8510.01.
• Support implementation of the RMF.
• Develop and maintain a formal Information Systems (ISs) security program and policies for their assigned area of responsibility.
• Support the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., RMF).
• Maintain and report IS and Platform Information Technology (PIT) systems assessment and authorization status and issues in accordance with DoD Component guidance.
• Provide direction to the ISSO in accordance with DoDI 8500.01.
• Ensure that ISSOs are appointed in writing and provide oversight to ensure they are following established cybersecurity policies and procedures.
• Coordinate with the organization's security manager to ensure issues affecting the organization's overall security are addressed appropriately.
• Monitor compliance with cybersecurity policy, as appropriate, and review the results of such monitoring.
• Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.
• Ensure implementation of IS security measures and procedures including reporting incidents to the AO and appropriate reporting chains, and coordinating system-level responses to unauthorized disclosures.
• Act as the primary cybersecurity technical advisor to the AO for DoD IS and PIT systems under their purview.
• Ensure that cybersecurity-related events or configuration changes that may impact DoD IS and PIT systems authorization or security posture are formally reported to the AO and other affected parties.
• Ensure the secure configuration and approval of IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to a DoD IS or PIT system.
• Prepare and record system, security status, and portfolio management information into the Enterprise Information Technology Data Repository (EITDR) for FISMA; Security, Interoperability, Supportability, Sustainability, Usability (SISSU); Clinger Cohen Act; and other statutory compliance.
• Author, review, certify, and/or maintain information awareness and security management plans to include RMF Implementation Plans, System Security Management Plans, Information Support Plans, Program Protection Plans (PPPs), Security Risk Analyses, Security Vulnerability and Countermeasure Analyses, Security Concepts of Operations, Operational Security (OPSEC) Plans, and other system/network security related documents.
• Support activities and meet the requirements of DoDI 8520.02, Public Key Infrastructure (PKI) and Public Key (PK) Enabling, to achieve standardized, PKI supported capabilities for biometrics, digital signatures, encryption, identification and authentication.

Qualifications:
15+ years experience in cyber security including at least 5 years in a DoD environment. Bachelor's degree in a related field; Master's degree preferred. Must hold a DoD 8570 compliant IAM Level III certification, such as GSLC, CISM, and/or CISSP. Familiar with DIACAP, Risk Management Framework (RMF), STIGs, and IA Controls. Experience with development/architecture for apps and services, and testing and administration. Strong knowledge of Microsoft Windows technologies, including Active Directory, Windows Administration, scripting, and Windows configuration techniques. Basic Linux experience to include Red Hat and Fedora. Networking experience including routers, switches, and firewalls. Experience with Cisco and Juniper. Strong desktop application administration experience to include Microsoft Office, web browsers, and anti-virus applications. Must be detail oriented and possess the ability to work in a multi-disciplined environment with an adaptive personality. Excellent communication skills, both oral and written. Analytical skills to troubleshoot IA issues. Familiarity with EITDR and eMASS desired. Must be able to apply intensive and diverse knowledge to problems and make independent decisions. Must be a team player able to work professionally and collaboratively with the government customer and other contract members of the project team. Excellent written and verbal communication skills and a client focus.

Must be a US citizen and hold a current TS/SCI clearance. Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.