About the job Information Systems Security Manager (ISSM)
Information Systems Security Manager (ISSM)Castelion is seeking a classified cyber assurance practitioner to drive the Castelion classified cyber assurance program forward. The program focuses on three major areas:
- Assessment: Assessing the state of the classified cyber assurance program against industry standards, requirements (contractual and regulatory), and organizational needs.
- Governance: Managing and spearheading governance of the classified cyber assurance program to interpret and drive implementation of industry standards, requirements (contractual and regulatory), and organizational needs.
- Communications: Be "the face" of classified cyber assurance program to both internal and external stakeholders (e.g. customer, regulatory, government and supplier entities).
The successful candidate will drive the classified assurance team to ensure Castelion delivers on customer requirements, reduces risk, and ensures mission success. We are a fast paced, multi-tasking, highly dynamic work environment with high degrees of autonomy and accountability.
Responsibilities- Responsible for the complete RMF A&A lifecycle process for assigned Castelion classified information systems
- Ensure compliance with existing regulatory, policy, and contractual requirements as they pertain to Castelion classified information systems
- Responsible for identification, triage, and implementation of new regulatory and contractual requirements into both broad and specific applications
- Keep apprised of emerging community practices, risks, and threats
- Plan, prepare for, schedule and coordinate audits, assessments, and tests
- Identify, evaluate, and select various automation, assessment, and management tool sets to drive effectiveness and efficiencies
- Provide expert knowledge of Nessus, Splunk and Security Center tools
- Provide expert knowledge of Service Now (SNOW), eMASS, and other GRC tools
- Guide and mentor Cleared Cyber Assurance Analyst(s)
- Build and maintain positive relationships with internal stakeholders, contractual partners, and government customers
- Successfully further Castelion objectives and initiatives
- Ensure all classified networks remain in compliance and have active ATO
- Responsible for creating and maintaining all required cybersecurity trainings, user agreements, media logs, and classified equipment control
- Ability to meet fast deadlines while maintaining compliance
Basic Qualifications- Bachelor's degree; OR 5+ years of experience managing cyber assurance for classified computer systems/networks in lieu of a degree
- 3+ years of experience in cyber assurance
Preferred Skills and Experience- Demonstrated experience with NRO A&A processes and the JSIG A&A processes
- Subject matter expertise in the RMF 7 step process
- Experience working within highly technical and demanding teams and environments
- Experience with obtaining ATO(s) for networks, weapon systems, and satellite systems
- Demonstrated experience with COMSEC procedures and practices
- Exceptional written and verbal communication skills
- Exceptional organizational skills
- Demonstrated project management skills, and continued track record of getting things done quickly with high quality
- Demonstrated record for providing unique and/or novel solutions
- Demonstrated record of integrating with I.T. and product security functions
- Ability to perform within mission and time constrained environments
- High comfort with and acceptance of performing individual contributor functions/tasks
- Masters Degree in Cybersecurity
Additional Requirements- Must be able to work extended hours and/or weekends as needed
- Ability to travel both locally and domestically
- DoD IAM Level III eligibility based on active certifications
- Counterintelligence (CI) scope polygraph (full-scope or lifestyle also acceptable), or ability to successfully complete
- This position is based in Torrance, CA and requires being onsite - remote work not considered
- Active Top Secret clearance with SCI eligibility.
Leadership Qualities- Bias to Action and Creative Problem Solving. Desire and experience questioning assumptions in ways that lead to break through ideas that are ultimately implemented. Successfully bring in applicable processes/concepts/materials from other industries to achieve efficiency gains. Ability to personally resolve minor issues in development without requiring significant support.
- High Commitment, High Initiative. A successful candidate will have a genuine passion for Castelion's mission and consistently look for ways to contribute to the company's technical goals and prevent hardware blockers. Ability to work in a fast paced, autonomously driven, and demanding atmosphere. Strong sense of accountability and integrity.
- Clear Communicator. Proactively communicates blockers. Trusted in previous roles to be voice of company with regulators, suppliers, gate keepers and customers. Capable of tactfully managing relationships with stakeholders to achieve company-desired outcomes without compromising relationships. Emails, IMs and verbal interactions are logical, drive clarity, and detailed enough to eliminate ambiguity.
ITAR Requirements- To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State.
All employees are granted long-term stock incentives as part of their employment as Castelion. All employees receive access to comprehensive medical, vision, and dental insurance, and the company offers four weeks of paid time off per year.
