RESPONSIBILITIES

• Plan and coordinate security accreditation reviews and risk analysys for new and installed systems and networks; assess and advise on appropriate security measures and countermeasures based on review findings.
• Apply the NIST Risk Management Framework (RMF) and serve as the primary point of contact (POC) for all security matters related to assigned systems.
• Collaborate with stakeholders to develop security plans and policies that defend against unauthorized access to systems, networks, and data; advise leadership on cybersecurity status and educate stakeholders on cybersecurity practices and processes.
• Develop and implement security programs, policies, and procedures to ensure the security, reliability, and accessibility of information systems, networks, and data in accordance with the System Security Plan (SSP); provide input to RMF process activities and associated documentation.
• Participate in network and system design efforts to ensure the implementation of appropriate security controls in alignment with defined security implementation plans.
• Provide DoD Information Technology Portfolio Repository (DITPR) and Enterprise Mission Assurance Support Service (eMASS) registration guidance to system owners.
• Leverage cyber scorecard experience to assess and report on organizational security performance and compliance metrics.
• Execute Assured Compliance Assessment Solution (ACAS) scans and Security Content Automation Protocol (SCAP) scans, and conduct manual reviews of Security Technical Implementation Guide (STIG) checklists.
• Apply strong technical expertise in Linux environments to assess, configure, and harden systems.
• Support the preparation of the Security Assessment Plan (SAP).
• Provide data categorization guidance to system owners.
• Identify and evaluate system impacts, including consideration of existing risk mitigation strategies.
• Develop Plans of Action and Milestones (POA&Ms) based on assessment results.
• Ensure full traceability of all vulnerabilities from raw assessment results through to the POA&M.
• Conduct vulnerability analysis to support mitigation efforts and residual risk determinations.
• Perform and oversee eMASS data entry requirements.
• Support the continuous monitoring program, ensuring Information System Continuous Monitoring (ISCM) results are used to inform continuing authorization and ongoing authorization requirements.
• Develop, review, and maintain RMF accreditation packages with subject-matter expertise.
• Execute and oversee all steps of the RMF process.
• Evaluate security controls and compliance across a variety of hardware and software systems.
• Author and maintain System Security Plans (SSPs).
• Lead and mentor a team of two Information System Security Officers (ISSOs) and two Information System Security Engineers (ISSEs), providing technical direction, task management, and professional development.
• Work effectively both independently and within a collaborative team environment.
• Develop and maintain supporting authorization artifacts, including Configuration Management Plans, Contingency Plans, Incident Response Plans, and Privacy Impact Assessments (PIAs).
• Generate executive-level security status reports and dashboards for leadership and oversight bodies.
• Manage the vulnerability lifecycle, including tracking remediation timelines and validating closure of POA&M items.
• Review and analyze Information Assurance Vulnerability Alerts and ensure timely compliance.
• Prepare, review, and submit Authorization to Operate (ATO), Interim Authorization to Test (IATT), and continuous authorization packages to the Authorizing Official (AO).
• Coordinate with the Authorizing Official (AO), Security Control Assessor (SCA), and Information System Owner (ISO) throughout the authorization lifecycle.
• Ensure systems maintain compliance with applicable DoD, federal, and agency cybersecurity directives, including DoDI 8500.01, DoDI 8510.01, and NIST SP 800-37/800-53

REQUIRED QUALIFICATIONS

• Six (6) – Fifteen (15) years of experience.
• BA/BS college degree required.
• Top Secret Clearance required.

We are seeking an Information Systems Security Manager to support our Prime Contract at Fort Belvoir, VA.

Candidates must possess active Top Secret/SCI Clearance and DOD 8570 IAM III                         

We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays.

Visit us at www.TekSynap.com. 

Apply now to explore jobs with us!  

The safety and health of our employees is of the upmost importance. Employees are required to comply with any contractually mandated Federal COVID-19 requirements. More information can be found here.

WORK ENVIRONMENT AND PHYSICAL DEMANDS

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

• Location: Fort Belvoir, VA
• Type of environment: Office
• Noise level: Low
• Work schedule: Schedule is day shift Monday – Friday. May be requested to work evenings and weekends to meet program and contract needs.
• Amount of Travel: 10%

PHYSICAL DEMANDS

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus.

WORK AUTHORIZATION/SECURITY CLEARANCE

US Citizenship

TS Clearance qith the ability to obtin a SCI.

OTHER DUTIES

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment.