Information Systems Security Manager (ISSM)
Technovative Applications
The Information System Security Manager (ISSM) is responsible for applying Information System (IS) security principles, practices, and procedures under the Risk Management Framework (RMF) to maintain compliance with applicable security regulations such as NIST, CNSSI, and NISPOM and governing the development and management of classified information systems. This position will be responsible for managing the program’s overarching security effort and representing the program to the sponsor’s security organization. This position requires the ISSM to be a strong advocate for integrating security into front-end requirements and overseeing the implementation and sustainment of security controls in all stages of the program lifecycle.
- Create and maintain information security related documentation
- Implement, maintain, and monitor security controls
- Advise developers on integrating security requirements
- Achieve and maintain Authorization to Operate classified information systems
- Coordinate with sponsor(s) and corporate security organization
- Oversee Continuous Monitoring program
- Maintain operational security posture for information systems
- Provide security related training and guidance to program management and staff
- Assist in maintaining compliance with Open Storage Areas
- Maintain eligibility for personal security clearance
- Perform other duties as assigned
Ability to maintain organized and complete records
Capable of prioritizing competing demands and completing tasks on schedule
Knowledge of how to assess and authorize classified information systems
Ability to perform risk assessment and risk management for classified information systems
- Understanding of NIST 800 series, CNSSI 1253, NISPOM, and related publications
- Experience in implementing and monitoring technical, administrative, and operational security controls
- Previous experience with classified information system security management, network/system administration and engineering, and the RMF process
- High-level security or IT related certification and demonstrated experience applying certification skills
- Experience achieving approvals for classified material on computer systems through the DCSA eMASS system
- Familiarity with the RMF process and experience in drafting RMF documentation
- U.S. citizenship
- Must possess a secret clearance or be able to qualify for one
- Security Technical Implementation Guides (STIGs)
- Information Assurance Vulnerability Alerts (IAVAs)
- Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
- Cloud Security concepts
- MS Windows Server – Group Policy Objects
- MS Windows Server – Active Directory
- MS Windows Server – System Administration
- Reviewing MS Windows security event logs
- Use of scanning tools and interpreting results
- Security incident management
- Working with hardware and software vendors
- IAM Level III certification in accordance with DoD 8570.01-M, such as CISSP
Technovative Applications is a U.S. Defense contractor specializing in the development and production of fire control systems, radar interferometers, radar subsystems, and miniaturized communications transceivers for U.S. military applications. Our mission is to manufacture our products with precision and accuracy to support national security objectives.
- Competitive annual salary of $110k-$145k/yr DOE
- Benefits