Major purpose:
*Duties for successful candidates include management and oversight of collateral information systems that support multiple systems and customers, coordination of information system accreditation/certification processes; interaction with current and potential customers; performing system and network self-inspections; oversight of identifying information system vulnerabilities and implementing countermeasures; Policy creation/update; oversight of information system security records; receiving direction from the FSO and Cyber Security Director. The ISSM will be responsible for IT and information system security issues that may affect the mission of the customer. Major functions:
*Coordinate the operational security posture for programs and information systems
*Ensure the completion/preparation, review, and maintain documentation to include System Security Plans (SSPs), Risk Assessment Reports, Assessment and Authorization packages, and other documentation to support Information System accreditation.
*Ensure all IS security-related documentation is current and accessible to properly authorized individuals; and ensure audit records are collected, reviewed, and documented (to include any anomalies).
*Oversees the completion of Plans of Action & Milestones (POAMs) against accredited information systems.
*Develop and maintain a directorate focused information systems security program to ensure compliance of IT assets with accreditation requirements specified under ICD 503, DAAPM, IC, and DoD regulations, policies, and procedures.
*Coordinate the review and evaluation of cyber security programs and effectiveness of implementation; identify problem areas; updates and establishes new requirements in response to new technologies and threats; and make recommendations to achieve a fully compliant IT architecture.
*Develop and implement training and awareness programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
*The selected candidate will support a diverse security team onsite and participate in Engineering and Configuration Review Boards and Working Groups to develop secure system solutions. Technical/Functional skills:
*Familiarity with personnel security and physical security accreditation
*Familiarity with applicable DoD policies, procedures, and operating instruction related to IT, and IA.
*Requires strong critical thinking/analytical skills, attention to detail, creativity, and a sustained commitment to excellence and quality.
*The position requires excellent oral and written communication skills.
*Position requires time management, prioritization, team building skills. Preferred Additional Skills:
*Experience with SPLUNK, NESSUS, Security Center highly desired
*Experience with network and information systems at varying classification levels
*Familiarity with system architectures, to include WAN/LAN design and maintenance, controlled interfaces, etc.
*Experience with Windows and Linux client/server security administration and the underlying technologies such as TCP/IP, DNS, LDAP, and the security subsystem (IA&A).
*Must be proficient with Microsoft Word, Excel, and Access.
*Must be able to communicate effectively and in a professional manner.
*Must be able to interact with persons of varying importance, multi-cultural customers and personnel. Education/Experience/Licenses etc.:
*4 years’ experience in information assurance/security experience (RMF/DIACAP/NISPOM/JSIG/JFAN)
*Minimum DoD 8570 IAM I certified
*Experience with Risk Management Framework (800-53)
*Knowledge and Implementation of 32 CFR part 117 and DAAPM