Job SummaryWe have an exciting opportunity for an Information Systems Security Manager to join our Classified Computing team located in Emerado, North Dakota. This position reports to the Sr. ISSM of Classified IT Systems.
With general direction, this position is responsible for leading the design, development and implementation of information assurance programs and related procedures.
DUTIES AND RESPONSIBILITIES:- Leads the design, development, and implementation of information security programs, procedures and systems for classified enclaves.
- Ensures system compliance with the authoritative US Government requirements including (but not limited to): ICD503, JSIG, DISA STIGS, DD254, SCGs, etc.
- Maintain authorization of classified systems/circuits via the continuous monitoring process to keep it in good standing with governing authorities.
- Ensures vulnerability scanners and host-based security tools/suites are deployed and monitored in accordance with US Government regulations.
- Assesses and mitigates system security threats and risks.
- Oversees the patch management process.
- Oversees and executes the self-inspection process.
- Oversees audits of information technology systems; ensures periodic self-inspections are conducted.
- Plans, designs and develops strategic initiatives to ensure secure operation and requirements are met. Represents the organization as a primary contact with internal and external representatives.
- Develops information security curriculum and course contents and implements training.
- Functions in a leadership role by providing direction to support and professional staff.
- Responsible for observing all laws, regulations and other applicable obligations wherever and whenever business is conducted on behalf of the Company.
- Expected to work in a safe manner in accordance with established operating procedures and practices.
- Performs additional duties as assigned.
Job Qualifications- Typically requires a bachelor's degree in a related discipline, Information Assurance certification and five or more years of professional experience in information assurance or a related field. Equivalent professional experience may be substituted in lieu of education.
- Must possess an active IC/DoD Top Secret (TS) Clearance with the ability to obtain and maintain access to Sensitive Compartmented Information (SCI) and Special Access Information (SAP), and willingness to undergo CI polygraph.
- Must have a current (favorably adjudicated) polygraph examination or be willing to undergo a polygraph examination with favorable adjudication.
- Must demonstrate in-depth knowledge of NIST 800-53 (Risk Management Framework), JSIG, DAAPM, and other related information assurance principles, theories, concepts and techniques.
- Experience with Microsoft Active Directory, networking/routing principles, multi-factor authentication, host-based security systems, and Nessus.
- Experience with system assessment/hardening tools - DISA STIGs, SCAP, Nessus, etc.
- Must demonstrate a broad understanding of information assurance principles, theories, concepts and techniques.
- Must have experience organizing, planning, scheduling, conducting, and leading work assignments to meet project milestones or established completion dates.
- Must possess the ability to understand new concepts quickly and apply them in an evolving environment while contributing to the development of new processes.
- Must be customer focused and possess:
- The ability to identify issues, analyze data and develop solutions to a variety of highly complex technical and administrative problems.
- DoD 8570 IAM Level III certification required (e.g. CISSP, CISM or GSLC).
- Experience with Sensitive Compartmented Information is required.
- Experience with Special Access Programs is desired.
- Experience with multiple Government information security policies and regulations: e.g. Risk Management Framework (RMF), ICD-503, JSIG, and NIST 800 series special publications.
- Excellent analytical, verbal and written communication skills to accurately document, report, and present findings.
- Excellent interpersonal skills enabling an effective interface with other professionals. Ability to work independently or in a team environment is essential as is the ability to work extended hours as required.
