Information System Security Manager

Information System Security Manager (ISSM) (NIST-18-1777-F): Bowhead seeks an experienced Information System Security Manager (ISSM) to oversee local classified IT systems. This position will be the primary lead for all classified and Controlled but Unclassified Information (CUI) information system security matters working with the Company's Facility Security Officer, the Sr. Director of IT, and the appropriate Government liaisons. This individual will be responsible to for the development and maintenance of a classified network in accordance with DSS RMF, as well as preform the lead point of contact for the company's Controlled but Unclassified Information environment in accordance with NIST 800-171. RESPONSIBLITIES: o Develops and maintains system security plans for submission and continuation of Accreditation status with the Defense Security Service and other US Government agencies. o Provides continuous security monitoring of classified systems o Reviews and approves all classified system access requests. o Applies current computer science technologies to the development, evaluation, and integration of computer systems and networks to maintain system security for classified information systems. o Implement local policies, processes, procedures and compliance with all National Industrial Security Program (NISP) and Defense Security Service Assessments and Authorization Process Manual (DAAPM) requirements o Develops and maintains all DoD requirements, including the DAAPM & Risk Management Framework (RMF) standards to ensure compliance with the National Industrial Security Program Operating Manual (NISPOM) o Assists in the development and implementation of policies and System Security Plans supporting government agency requirements o Develops, conducts, coordinates, and delivers site information systems security education program requirements to all users of the classified information system(s) supporting classified programs o Identifies and documents unique local threats and vulnerabilities to classified information systems security o Ensures that periodic self-assessments of the facility's classified information systems are conducted as part of the overall facility self-inspection program and that all corrective actions are taken o Develops and implements general and remote maintenance procedures based on requirements provided by the cognizant security authority o As requested implements all Corporate Security direction, policy and procedures throughout the facility in support of NISP, DAAPM and company security requirements o Conducts and coordinates investigations into security violations related to cleared and CUI information systems; ensures corrective actions are implemented o Supports, communicates, reinforces and defends the mission, values and culture of the organization o Conducts weekly audits, updates antivirus definitions, and patches all classified information systems in accordance with DSS requirements and local procedures o Manages the security configurations of all classified information systems to ensure compliance with DSS baseline requirements o Support and maintain in-house computer systems, desktops, and peripherals. This includes installing, diagnosing, repairing, maintaining, and upgrading all hardware and equipment while ensuring optimal workstation performance. Troubleshoot problem areas in a timely and accurate fashion, and provide end user training and assistance where required Requirements REQUIREMENTS: o Bachelor's Degree, ideally in Information System Security, Computer Science, Cybersecurity, or a Computer Technical Certificate (MSCE or GAIC certificate) or equivalent related experience o 5+ years of hands on experience in IT, System Security, or Cybersecurity/Risk Compliance, managing a sever and Active Directory policies (GPOs) in either the Defense Industry, Information Systems Security, or a combination of both o Analytical ability to understand and interpret Department of Defense (DoD) and company security policies and procedures o Substantial communication & interpersonal skills to advise customers of DoD and company industrial security policies and procedures o Experience with documentation development for systems down to the technical component, software, firmware, and interface level. o Demonstrated ability to follow engineering processes and verify technical requirements o Be a self-starter, able to work under pressure and with limited supervision, and work well with others in a large and diverse environment o Ability to successfully prioritize and manage to completion multiple complex tasks and deliverables, and demonstrate the highest degree of integrity and accountability in all actions Preferred Skills and Experience: o A+, Network+, CISSP, CISA, CISM, CEH, and/or Security+ Certifications are a plus o Completion of the DSS CDSE/STEPP ISSM Training Curriculum (RMF courses) o A strong knowledge and understanding of NIST Special Publication 800-53 (or 800-171), ISO27001, DoD 8510.01, NISPOM, & ICDs o Experience managing Linux, Windows 7 & Windows 10 DSS accredited information systems o Experience with the SCAP Compliance Checker and the DISA STIG Viewer o Previous COMSEC experience is a plus SECURITY CLEARANCE REQUIRED: Must currently hold an active TOP SECRET security clearance. US Citizenship is a requirement for at this location. Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC's Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant's resume/application may be subject to verification. Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver license for this position and will be subject to verification.  In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes. UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, national origin, disability, veteran status, and other protected characteristics EOE/AA/M/F/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act. 18-1777
Salary Range: NA
Minimum Qualification
5 - 7 years

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Information System Security Administrator - 00...
Arlington, VA The MITRE Corporation
Principal Identity & Access Management Securit...
McLean, VA The MITRE Corporation
Portfolio Manager, NAS Systems Operations
McLean, VA The MITRE Corporation
Sr. Infrastructure Security Engineer - DevSecOps
McLean, VA The MITRE Corporation