Corporate Information System Security Manager (ISSM)

KODA Technologies Inc.

$90K — $120K *
Aerospace & Defense
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Two or four-year degree in Computer Engineering, Computer Science, Information Systems Security/Assurance, or a related field.
  • 4+ years of ISSO experience or 2+ years of ISSM experience.
  • 4+ years of Microsoft operating systems administration experience.
  • 2+ years overseeing Assessment & Authorization (A&A) processes, including ISSO/ISSM roles.
  • Ability to obtain and maintain DoD 8140 IAM II certification.
  • Experience with DoD compliance tools and standards, including eMASS and DISA STIGs.
  • Strong communication skills, both written and verbal.

Responsibilities

  • Oversee KODA's risk posture in line with NIST 800-37 RMF and collaborate with DCSA ISSP.
  • Maintain and monitor CMMC Level 2 certification compliance.
  • Chair RMF and CMMC Configuration Control Boards and assess risk posture.
  • Develop and manage the Continuous Monitoring Plans for system accreditation.
  • Conduct Cyber Security Risk Assessment Reports and develop remediation strategies.
  • Implement controls for RMF Authorities to Operate compliance.
  • Liaise with leadership and service providers for overall system security.

Benefits

  • Health, dental, and vision insurance.
  • 401(k) plan with company matching.
  • Professional development opportunities.
  • Flexible work schedule options.
Full Job Description
Corporate Information System Security Manager (ISSM)

Position Overview:

KODA Technologies Inc. is seeking a full-time Corporate Information System Security Manager (ISSM) to oversee the implementation and continuous monitoring of the Risk Management Framework (RMF) and Cybersecurity Maturity Model Certification (CMMC) of KODA's Classified Information System and Corporate Information System.

Duties/Responsibilities:
  • Oversee and manage the risk posture of the KODA classified AIS in accordance with the NIST 800-37 Risk Management Framework (RMF) process, working directly with Defense Counterintelligence & Security Agency (DCSA) Information System Security Professional (ISSP) to develop and implement the required strategy utilizing NIST 800-53 to accomplish KODA's missions.
  • Maintain and monitor KODA's Cybersecurity Maturity Model Certification (CMMC) Level 2 certification in accordance with NIST 800-171 and DFARS [redacted].
  • Chair KODA's RMF and CMMC Configuration Control Boards (CCB) and make risk determinations supporting KODA's current risk posture as defined by current authorizations.
  • Maintain KODA's RMF and CMMC Continuous Monitoring (ConMon) Plans to maintain system accreditation compliance.
  • Develop and implement Plan of Action & Milestones (POA&M).
  • Work collaboratively with System Administrators to conduct Cyber Security (CS) Risk Assessment Reports (RAR) to develop mitigation, remediation, and monitoring strategies in compliance with National Industrial Security Program Operating Manual (NISPOM, 32 CFR, Part 117) and DCSA Assessment and Authorization Guide (DAAG).
  • Implement all applicable controls associated with obtaining and maintaining RMF Authorities to Operate (ATO) IAW NIST 800-37.
  • Manage and report DCSA required RMF efforts to DCSA Information Systems Security Professional (ISSP) and Security Control Assessor (SCA).
  • Provide recommendations to the Senior Information Systems Officer (SISO), associated project Team Leads, and Facility Security Officer (FSO) for process enhancements for DCSA-accredited IS.
  • Assist the SISO and FSO in the effective implementation, assessment, improvement, and management of the KODA Security Program.
  • Act as the liaison between KODA Leadership and the corporate IT and Cybersecurity Managed Service Providers regarding vulnerability scanning, mitigations, risk acceptance and overall system security posture.
  • Support KODA's oversight and performance of other corporate computing efforts as needed, including monitoring of Help Desk ticket status, new hire IT onboarding, system administration, and inventory of KODA and government-furnished property.

Requirements:
  • Two-year or Four-year degree in Computer Engineering, Computer Science, Information Systems Security/Assurance, or related field.
  • 4+ years of ISSO experience or 2+ years of ISSM experience.
  • 4+ years of Microsoft operating systems administration experience.
  • 2+ years of experience with Assessment & Authorization (A&A) responsibilities, including ISSO, ISSM, policy development, control testing, POA&M management, and configuration management.
  • Ability to obtain and maintain DoD 8140 IAM II certification
  • Experience with working with DoD tools, including Enterprise Mission Assurance Support Service (eMASS), SCAP, DISA STIGs and other monitoring tools.
  • Experience with performing cybersecurity compliance standards, including NIST Controls and DISA STIGS.
  • Experience with Systems Administration, Information Systems Auditing, Data Security Analysis and/or Network Administration.
  • Experience with Microsoft Office products.
  • Strong organizational, analytical, and problem-solving skills.
  • Solid communication skills, both in written, verbal, and interpersonal skills.
  • Ability to self-prioritize tasking and work multiple projects in tandem while meeting mission objectives and strict timelines.
  • Ability to develop and maintain effective working relationships across the organization.
  • Willingness to jump in and support various diverse IT-related tasks when needed to support the mission.

Clearance:
  • Active Secret Clearance

Similar Jobs

More Jobs at KODA Technologies Inc.

More Aerospace & Defense Jobs

Find similar Corporate Information System Security Manager (ISSM) jobs: