Jobs · Information Technology · Oklahoma

Cybersecurity – Information System Security Manager (ISSM)

Boeing · Oklahoma City, OK · 4 days ago
Information Technology$122k–$164k/yrFull-time

Position Responsibilities

Assist in the development and deployment of program information security for assigned systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures
Implement Risk Management Framework (RMF) processes, product development and product maintenance for assigned systems
Perform security compliance continuous monitoring
Participate in security assessments and audits
Prepare and present technical reports and briefings
Identify root causes, the prioritization of threats, and recommend/implement corrective action
Provide mentoring and technical leadership within the information security program team
Explore the enterprise and industry for the evolving state of industry knowledge and methods regarding information security standard methodologies
Support development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple partner organizations
Support Defense Federal Acquisition Regulation Supplement (DFARS) and Cybersecurity Maturity Model Certification (CMCC) requirements based on contractual requirements for assigned programs

Basic Qualifications

Successfully completed Tier 5 Investigation (T5), formerly known as a Single Scope Background Investigation (SSBI) by the federal government within the last 5 years, or requires candidate to have been enrolled in a Continuous Vetting program within the last 5 years
Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC, or CISM)
5+ years of experience in cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series

Preferred Qualifications

5+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs
5+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
5+ years of experience assessing and documenting test or analysis data to show cyber security compliance

Similar jobs