Cyber Information Systems Security Manager 2 in Rolling Meadows, IL

$200K - $250K(Ladders Estimates)

Northrop Grumman Corporation   •  

Rolling Meadows, IL 60008

Industry: Aerospace & Defense


8 - 10 years

Posted 56 days ago

The Cyber Information Systems Security team is actively looking for a frontline Manager of Cyber Information Assurance that will manage a team of Cyber Security Exempt and Non-Exempt employees (Security Coordinators, ISSOs, and ISSMs) from our Rolling Meadows, IL location. The team performs assessments of systems and networks within the networking environment, or enclave, and identifies where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits, as well as active evaluations such as vulnerability assessments. The manager will establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. This includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.

Additionally, the manager will assist in the implementation of the required government policy (i.e., JSIG), NISPOM (DAAPM primarily), ICDs), make recommendations on process tailoring, participate in and document process activities. They will monitor and perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. The leader will support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. And they will make sure that all results of Assessments and Accreditation activities and technical or coordination activity are documented, that the Body of Evidence (BoE) and update the Plan of Actions and Milestones (POA&M) are prepared. Also, they will periodically conduct a complete review of each system's audits, and monitor corrective actions until all actions are closed.

This position will ensure the management/coordination with classified programs on the design, testing, and implementing state-of-the-art secure operating systems, networks, database products, firewalls, and network architectures meet government classified Cyber Information Assurance compliance requirements (NIST, EMAS, RMF, etc.). The role will ensure compliance with all associated systems/networks to achieve and maintain formal accreditation authorizations from government agencies.

The successful candidate will establish an inclusive culture within a geographically diverse environment and will be responsible for the following:

  • Managing a team of Cyber Information Systems Security (CISS) Professionals
  • Establishing a strict program control processes to ensure mitigation of risks and support obtaining formal Assessment & Authorization of systems
  • Assisting in the implementation of the required government policy (i.e. DAAPM (primary), JSIG ICD-503). This may include project management
  • Ensuring the team follows Northrop Grumman and the Cyber ISS organization's policies and procedures.
  • That information is accurate and complete in support of those policies and procedures
  • Supporting the formal Security Assessment process required by the company or government customer
  • Regularly communicating and coordinating with program management teams, the Enterprise Services Program Management Office Team, the Information Technology Organization and Industrial Security


Basic Qualifications:

  • Master's degree with 6 years of Information Systems Security experience; OR a Bachelor's degree with 8 years Information Systems Security experience is required
  • Must have work experience in at least two of the following three areas: National Industrial Security Program (NISP), Department of Defense Special Access Programs (DoD SAP), Sensitive Compartmented Information (SCI) programs
  • Must hold a current DOD 8570 IAM Level III security certification (Examples: CISM, GSLC, CISSP, CCISO)
  • Candidates must have a current DOD Top Secret level security clearance with an original adjudication, or a periodic reinvestigation date, completed within the last 6 years to be considered
  • Must have the ability to obtain, and maintain, access to Special Programs as a condition of continued employment

Preferred Qualifications:

  • The ideal candidate will have a Master's Degree in Cyber Security, Information Security, or similar STEM related discipline, to include 10 years of ISSO/ISSM experience under RMF in a DSS or JSIG environment
  • In depth knowledge of the Special Access Program classified system accreditation process (JSIG)
  • Prior experience in a leadership or management role would be desirable
  • Diverse classified information systems security / information assurance background
  • Excellent communication skill
  • Prior experience communicating with both Program and Division senior leadership
  • Prior experience with ICD-503
  • Active Top Secret/SCI clearance with SAP/SAR access highly desirable

Valid Through: 2019-9-16