Information System Security Manager

Peraton

$112K — $179K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 8+ years of experience with a BS/BA; 6+ years with an MS/MA; 3+ years with a PhD
  • CISSP or equivalent certification (DoD 8570 IAM Level III)
  • Experience with SAP and DCSA assessments and authorizations
  • 5+ years with the Authority to Operate (ATO) process and NIST standards
  • Experience with compliance tools like SCAP and STIGs
  • Strong written and verbal communication skills
  • Active TS clearance with the ability to obtain SCI

Responsibilities

  • Lead and manage information assurance efforts across various environments
  • Perform ISSM roles as per DAAG, JSIG, ICD-503, and relevant regulations
  • Create and maintain RMF Package documentation and associated artifacts
  • Prepare and update required documentation with approved templates
  • Meet continuous monitoring requirements for accredited information systems
  • Manage security vulnerabilities and perform timely remediation
  • Generate and manage Plan of Actions & Milestones (POA&Ms) throughout the system lifecycle

Benefits

  • Full-time on-site position in Silver Spring, Maryland
  • Opportunity to work with classified information systems
  • Engagement in continuous learning and maintaining required certifications
  • Impactful role supporting information assurance and IT operations
  • Collaboration with key stakeholders to enhance security posture
Full Job Description
Responsibilities

Peraton is seeking an Information System Security Manager in support of Peraton Labs’ information assurance and information technology operations. This is a full-time on-site position working out of the Silver Spring, Maryland office.

 

Responsibilities include but are not limited to:

  • Lead and manage information assurance efforts, and systems across numerous environments in Silver Spring, MD.
  • Perform Information System Security Manager (ISSM) roles and responsibilities as prescribed by the DAAG, JSIG, ICD-503, and other applicable regulations.
  • Create, manage, and maintain RMF Package documentation, submissions, and associated artifacts. This will include A&A packages, ASA packages, SCRs, etc.
  • Prepare, deliver and update all required documentation using the current approved templates, forms, regulations, and methods.
  • Meet continuous monitoring requirements for the accredited information systems, to include weekly auditing, performing of backups, AV updates, OS patching, vulnerability scanning, and other prescribed tasks.
  • Manage security vulnerabilities, implement timely remediation, monitor security logs for violations and anomalous events, and report information security concerns and problems when necessary.
  • Generate Plan of Actions & Milestones (POA&Ms) for each non-compliant control, manage all applicable POA&Ms throughout the information system lifecycle. Proper documentation shall be filed and updated as required.
  • Oversee the management and maintenance of Linux and Microsoft classified information systems, with the ability to assist in technical efforts when needed. This may include building systems, installing software, and/or troubleshooting information systems and network devices.
  • Apply security controls based on the DoD Security Technical Implementation Guidance and other customer requirements.
  • Work closely with the key stakeholders to identify any additional controls that are applicable to the system(s) to maintain a favorable security posture.
  • Assist in incident response, annual self-inspection, and inventory efforts.
  • Track the deployment of all applicable software and hardware to classified environments.
  • Provide, track, and report security requirements throughout the system life cycle of all information systems that are within the accreditation boundary.
  • Provide timely and detailed responses to user and customer requests.
  • Continuously maintain a thorough understanding of all relevant corporate policies, security control plans as well as system configurations, architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols, and other relevant data for each Information System.
  • Maintain required certifications for this role.
Qualifications

Required Qualifications/Skills:

  • Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
  • CISSP or equivalent certification (DoD 8570 IAM Level III).
  • Experience with SAP and/or DCSA assessments and authorizations.
  • 5+ years experience with Authority to Operate (ATO) process, continuous monitoring, POA&Ms, Security Authorizations (SA), NIST 800-37, NIST 800-53 Rev4/ Rev5, working with Information System Owners (ISO) and Program Managers (PM).
  • Experience with SCAP, STIGs, and other compliance tools.
  • Proven written and verbal communication skills, and the ability to work well with team members.
  • Active TS clearance with ability to obtain SCI.

Desired Skills/Qualifications

  • Preferred degree in a technical discipline such as computer science, cybersecurity, or information technology.
  • Experience with Ongoing Authorizations
  • Experience with eMASS
  • Experience with ACAS, Nessus, and/or other vulnerability scanners
  • 3+ years of solid Linux system administration working experience with specific focus on Ubuntu and RedHat distributions.
  • Experience with Linux shell scripting include writing new scripts and troubleshoot existing codes.
  • In-depth knowledge of TCP/IP and networking concepts and a solid understanding of the well-known services including DHCP, DNS, SSH, TLS, IPSec, etc.
Target Salary Range$112,000 - $179,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Similar Jobs

More Jobs at Peraton

More Information Technology Jobs

Find similar Information System Security Manager jobs: