Information Systems Security Manager (ISSM) with Security Clearance
G3 Innovative Solutions, LLC
2024-11-05 19:43:23
Arlington, Virginia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Duties and responsibilities: Develop and Implement Security Policies Establish and maintain comprehensive information security policies and procedures in line with industry standards and regulatory requirements. Collaborate with key stakeholders to ensure security engineering initiatives aligned with the operational needs within the SAP IT. Support the customer in researching, evaluating, planning, designing, engineering, and delivering cybersecurity solutions. Experienced in one or more cloud computing services and technologies including but not limited to: AWS/C2S, Microsoft Azure, Nutanix, VMware. Identify technical problems before or after they occur and implements solutions that prevent them from reoccurring. Provide guidance and oversight to SAP community defense contractors. Conduct regular risk assessments to identify vulnerabilities and implement appropriate security measures to mitigate risks and reviews to assess the effectiveness of security controls and procedures. Provide oversight of all Software Licenses, Configuration Changes and Plan of Action & Milestone (POA&M). Maintain and report IS and PIT systems assessment and authorization status and issues in accordance with SAP IT & service component guidance. Ensure implementation of IS security measures and procedures including reporting incidents to the AO and appropriate reporting chains and coordinating system-level responses to unauthorized disclosures in accordance with DoD Manual 5200.01, Volume 3 for classified information respectively. Ensure compliance with legal, regulatory, and organizational information security standards. Coordinate with the organization's security manager to ensure issues affecting the organization's overall security are addressed appropriately. Ensure that the Cyber workforce and third-party contractors are appointed in writing and provide oversight to ensure they are following established SAP IT Cybersecurity policies and procedures. Ensure that Cybersecurity-related events or configuration changes that may impact SAP IT information systems authorizations or security posture are formally reported to the AO and other affected parties, such as IOs and stewards and AOs of interconnected DoD ISs. Ensure the secure configuration and approval of SAP IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to an SAP IT system. Assist with the development of processes and procedures to improve incident response times. Identify and select best-in-class threat prevent tools and software for the SAP Ecosystem Lead the response to information security incidents, including investigation, documentation, and coordination with relevant stakeholders. Develop, recommend, and deliver security awareness training programs to educate employees about information security best practices and policies. Experience leading and mentoring junior level staff. Evaluate and recommend security enhancements and technology solutions to improve overall information system security. Knowledge of coding languages, intrusion detection, operating systems, security planning and auditing, ethical hacking and other security, programming, and diagnostic tools. Develop and implement new security mechanisms for the SAP Ecosystem Provide recommendations to the SAP Community on the latest vulnerabilities and identify remediation efforts. Interact with technical leads, developers, and system owners to ensure that all technical requirements are aligned with SAP guidance. Demonstrate the ability to participate in cross-functional planning, coordination, and task execution situations involving the full spectrum of system integration activities. Liaison between the various SAP directorates (Enterprise Architecture and Data) Leads and mentors a team of information security professionals, fostering a culture of continuous improvement and proactive security. Experience leading and mentoring junior level staff. Ability to express complex technical concepts effectively, both verbally and in writing. Prepare and present reports on the status of information security, highlighting areas of concern and proposing improvements. Requirements: Must have an active TS/SCI clearance Bachelor's Degree in Information Systems, Computer Science, Engineering, Business, or related field required. 4 years of relevant work experience may be considered in lieu of the degree requirement. An Associate's degree and 2 years of relevant work experience may also be considered in lieu of the degree requirement. 8+ years of experience with the execution and management of large-scale Information Technology (IT) Projects. This includes over 2 years of direct experience in leading and executing enterprise-wide IT solutions in the private or public sector. Experience includes: Project management of technically and functionally diverse and complex IT Projects; Implementing detailed management techniques such as Earned Value Analysis; IT solution architectural analysis and design; Software and system developmental and acceptance testing; Acts as manager and overall point of contact for a specific project within an overall enterprise-wide IT solution Project. Must meet basic DoD 8140 certification requirements. Cloud certification is a plus