Information Systems Security Manager (ISSM) – Skill Level 2
About the role
The Information Security Manager (ISSM) will provide management support for a program, organization, system, or enclave’s Information Assurance program. Key responsibilities include proposing, coordinating, implementing, and enforcing Information System Security policies, standards, and methodologies; managing the operational security posture of information systems or programs; performing day-to-day security operations; supporting configuration management for security software, hardware, and firmware; managing system changes while assessing associated security impacts; assisting Information System Security Engineers and Information System Security Officers in evaluating security solutions for classified information; managing vulnerability and risk assessment activities; and overseeing preparation and review of security documentation to support authorization activities in compliance with NSA/CSS RMF and DoD DIACAP requirements.
Responsibilities
- Propose, coordinate, implement, and enforce Information System Security policies, standards, and methodologies
- Manage the operational security posture of information systems or programs
- Perform day-to-day security operations
- Support configuration management for security software, hardware, and firmware
- Manage system changes while assessing associated security impacts
- Assist Information System Security Engineers and Information System Security Officers in evaluating security solutions for classified information
- Manage vulnerability and risk assessment activities
- Oversee preparation and review of security documentation to support authorization activities in compliance with NSA/CSS RMF and DoD DIACAP requirements
Requirements
- Ability to perform requirements gathering and analysis, analyze user needs to determine functional and cross-functional requirements, perform functional analysis to identify required tasks and their interrelationships, and conduct functional allocation to identify resources required for each task
- Ability to identify and map current security infrastructure as a foundation for defining future programs, gather and organize technical information regarding organizational mission goals and needs, existing security products, and ongoing programs within the multi-level security arena
- Ability to plan and coordinate the implementation of information technology security programs and policies, enable Government planning, coordination, and oversight of organizational implementation of information security services, and enable the design and implementation of future information technology systems and related security
- Ability to perform risk analysis, including risk assessment, and provide support for a program, organization, system, or enclave’s information assurance program
- Ability to collaborate with engineers on systems integration efforts and life cycle requirements, oversee engineering staff efforts to design, develop, engineer, and implement solutions to security requirements, and facilitate issue resolution through Integrated Product Teams and Technical Exchange Meetings
- Ability to assist and advise Program Managers with administrative and technical oversight of portfolio programs and specific programs, including enabling effective oversight and coordination activities
- Ability to serve as the program’s Information System Security Manager, provide daily oversight and direction to contractor Information System Security Officers, interact with customers, information technology staff, and high-level corporate officers to define and achieve Cybersecurity objectives, and enable Government development and implementation of NSA information technology security services
- Work experience in the field of security authorization, or relevant work experience if no bachelor’s degree is held, including experience with current security tools, hardware and software security implementation, communication protocols, encryption tools and techniques, commercial security products, security authorization techniques, security incident management, and PKI and authorization services
- DoD 8570 compliant with IAM II
- Active TS/SCI clearance with Polygraph
Qualifications
Must have a bachelor’s degree in Computer Science, Cyber Security, or IT Engineering, or four additional years of work-related experience may be substituted for the degree, and must be DoD 8570 compliant with IAM II.
Benefits
At Kaizen Approach, we offer a variety of benefits including 4 weeks of PTO, 11 holidays, gifted 401k, profit sharing, and paid training. We also provide a robust benefits package that supports your well-being, including premium healthcare, financial and family support, retirement planning, and ongoing learning opportunities.
Pay
A variety of factors can impact the final salary offered, including, but not limited to, geographic location, Federal Government contract labor categories and wage rates, relevant work experience, specialized skills and competencies, education, and certifications.
Schedule
Details on the schedule are not specified in the job posting.