Jobs · Information Technology · Colorado

Information Systems Security Manager (ISSM)

Zachary Piper Solutions · Colorado Springs, CO · Yesterday
On-siteInformation Technology$120k–$160k/yrFull-time

Responsibilities

  • Lead activities required to obtain and maintain Authority to Operate (ATO) approvals for classified information systems
  • Ensure compliance with Department of Defense (DoD), Risk Management Framework (RMF), CNSSI, NIST, and applicable cybersecurity policies and directives
  • Perform vulnerability and risk assessments supporting authorization and accreditation efforts for classified systems
  • Develop, maintain, and update RMF documentation including System Security Plans (SSP), System Assessment Plans (SAP), Risk Assessment Reports (RAR), Security Control Traceability Matrices (SCTM), Plans of Action and Milestones (POA&M), and Continuous Monitoring (ConMon) Plans
  • Cook up with program security officers and government security officials regarding approvals for External Information Systems and system interconnections
  • Conduct periodic reviews and evaluations of information system security policies, standards, and procedures
  • Support and coordinate Information System Security Assessments, testing activities, and security reviews
  • Evaluate and process hardware and software requests through appropriate security review processes

Qualifications

  • Bachelor's degree (preferably Information Security, Cybersecurity, or related field)
  • 9+ years of experience supporting cybersecurity, information assurance, system administration, or related disciplines (7 years with a Master's degree)
  • Experience with Risk Management Framework (RMF), NIST standards, CNSS requirements, cybersecurity risk management methodologies, and compliance processes
  • Experience supporting Program Security disciplines including OPSEC, Program Protection, Personnel Security, Security Training and Education, and Classification Management
  • Experience working within SAP and/or SCI environments
  • Willingness to support nomination for Sensitive Compartmented Information (SCI), Special Access Programs (SAP), and Polygraph requirements
  • Possession of certification(s) meeting or exceeding DoD 8140 IAT Level II requirements (e.g., Security+, CISSP)
  • Experience supporting Windows-based environments with working knowledge of Linux operating systems

Preferred Qualifications

  • Master's degree in Cybersecurity, Information Security, or related security discipline
  • Knowledge of JSIG, ICD 503, NIST RMF, NIST, and Assessment & Authorization (A&A) processes
  • Experience supporting Incident Response and Disaster Recovery activities
  • Experience developing and maintaining security plans, procedures, and certification artifacts
  • Familiarity with virtualized infrastructure technologies such as VMware
  • Experience conducting security audits and formal information system assessments
  • Extensive experience administering and securing Windows-based information systems
  • Understanding of Contractor Program Security Officer (CPSO) responsibilities including PERSEC, PHYSEC, visitor control, facility security, and security education programs
  • Familiarity with DD254 requirements and support of government contracts

Similar jobs