Noblis

Information Systems Security Manager (ISSM) - U.S. Navy Programs

Noblis$78K — $123K *
Aerospace & Defense
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, IT, Cybersecurity, or Engineering-related field.
  • Minimum of 3 years professional experience in Cybersecurity / IT.
  • CompTIA Security+ certification is mandatory.
  • Demonstrated experience with Risk Management Framework (RMF), DoD experience is a plus.
  • Proficient in using eMASS system and vulnerability analysis tools like ACAS and HBSS.
  • Must be a U.S. citizen with active DoD clearance or eligibility to obtain one.

Responsibilities

  • Conduct risk and vulnerability assessments of information systems.
  • Develop and review RMF documentation including Security Plans and POA&Ms.
  • Provide innovative solutions to complex security problems.
  • Assess compliance against NIST, DoD, and Navy security standards.
  • Coordinate with SMEs to create authorization and architecture diagrams.
  • Collaborate with system teams to update policies and procedures.
  • Produce evidence for compliance with NIST and DoD requirements.

Benefits

  • Comprehensive health and life insurance.
  • Disability and financial benefits.
  • Paid leave and professional development opportunities.
  • Tuition assistance for educational advancement.
  • Wellness programs to support work-life balance.
  • Recognition programs for exceptional employee performance.
Full Job Description
Responsibilities The ISSM (information Systems Security Manager) will have Risk Management Framework (RMF) experience. The candidate's primary responsibility will be to perform tasks related to Assessment & Authorization (A&A) and cybersecurity to obtain and maintain Authorizations to Operate (ATO) for U.S. Navy afloat and ashore systems. Lifecycle cybersecurity support of US Navy systems, which includes, but is not limited to the following duties: • Conducting risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs. • Developing, updating, and/or reviewing system RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports (RARs). • Providing solutions to complex problems that require the regular use of expertise and creativity. Problems are broadly defined, and solutions require the continuation of specialized theories and knowledge. • Assessing system compliance against NIST, DoD, and Navy security requirements to include the NIST 800-53 controls and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). • Coordinating with other system SMEs to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories. • Working with system administrators, engineers, and developers to update system/site policies, procedures, and process guides. • Producing evidence as necessary to support compliance status of NIST, DoD, and Navy security requirements. • Performing annual security reviews, annual testing of security controls, and annual testing of the contingency plan in line with FISMA requirements. • Maintaining awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes. • Attending and participating in regular A&A status meetings to facilitate progress and address potential issues of RMF system efforts. • Actively participating in working group meetings to identify, plan, and execute strategies in response to emerging cybersecurity/RMF policies. • Utilizing the Enterprise Mission Assurance Support Service (eMASS) system work-flow for all formal coordination during the RMF process. • Reporting changes in the security posture of systems to the Authorizing Official. Long term contract based out of the Philadelphia Navy Yard. Required Qualifications Bachelor of Science (BS) Degree in Computer Science, Information Technology (IT), Cybersecurity, or Engineering related field and a minimum of 3+ years of professional experience in Cybersecurity / IT. • CompTIA Security+ certification required. • Demonstrated experience with Risk Management Framework (RMF); experience within the DoD a plus. • Experience using the eMASS system. • Experience with vulnerability analysis tools such as Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS). • Candidate must be a US Citizen and have an active DoD clearance, or the ability to obtain one. Desired Qualifications - CISSP (or Associate), CASP+ CE, CCNP Security, CISA, GCED, or GCIH certification. - Experience leading a team through a technical project. - Proficiency in the use of Microsoft Office suite of applications. - Basic Technical Writing ability. Remote/hybrid status is subject to change based on Noblis and/or government requirements. Total Rewards At Noblis we recognize and reward your contributions, provide you with growth opportunities, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, and work-life programs. Our award programs acknowledge employees for exceptional performance and superior demonstration of our service standards. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in our benefit programs. Other offerings may be provided for employees not within this category. We encourage you to learn more about our total benefits by visiting the Benefits page on our Careers site. Compensation at Noblis is determined by various factors, including but not limited to, the combination of education, certifications, knowledge, skills, competencies, and experience, internal and external equity, location, clearance level, as well as contract-specific affordability, organizational requirements and applicable employment laws. The projected compensation range for this position is based on full time status. For part time or on-call staff, compensation is proportionately adjusted based on hours worked. While monetary compensation is important, it's just one component of Noblis' total compensation package. Posted Salary Range USD $78,900.00 - USD $123,300.00 /Yr.

About Noblis

Noblis is an American not-for-profit science, technology, and strategy organization that provides technical and advisory services to federal government clients. Noblis works in the areas of national security, intelligence, transportation, healthcare, environmental sustainability, and enterprise transformation. Noblis was created in 1996 when Mitretek Systems Inc. was split into two separate entities. The other entity became known as Noblis ESI. Noblis has been recognized as one of the best places to work in the Washington, D.C. area by the Washington Business Journal and the Washingtonian.
Learn more about Noblis
Size
1,500 employees
Industry
Founded
1996

Similar Jobs

More Jobs at Noblis

More Aerospace & Defense Jobs

Find similar Information Systems Security Manager (ISSM) - U.S. Navy Programs jobs: