NASA Information Security Manager
11 - 15 years experience •
CSRA is looking for an Information Security Manager to support a large agency’s infrastructure and end user computing environment. This is a senior cyber security position that will provide day to day technical guidance and management oversight to a team of vulnerability assessors, security systems engineers, and compliance and accreditation personnel. The well qualified candidate will possess and apply broad technical expertise across multiple system security related disciplines and have in depth knowledge of the Federal cybersecurity requirements and statutes. The manager will provide direct leadership to a team of Cyber Engineers and Analysts who will be responsible for managed cyber operations capability for the agency end user community. The lead will help mature the agency’s vulnerability management capabilities by ensuring the right technologies are in place and appropriately staffed to identify risks and threats in the environment. The manager will develop and maintain a comprehensive CONOPS for the migrating end user computing environment to Continuous Monitoring in line with NIST security control requirements and best practices.
- Manage staff to ensure adequate staffing levels and skill sets are available to operating the vulnerability management, accreditation, and security controls associated with end user environment.
- Directs and overseas the creation and maintenance of Continuous Monitoring CONOPS and standard operating procedures
- Prepares mid and short-range plans for security application selection, systems maintenance, and production activities and for necessary support resources.
- Provide technical leadership for security best practices to peer teams of engineers and operational staff
- Sit on the change control board to weigh risks to the agency and make recommendations to mitigate security considerations
- Evaluates functionality, risk, and maintainability of perimeter security systems
- Review weekly and monthly performance metrics and develop customer reports and remediation plans as needed
- Directs compilation of records and reports concerning operations and maintenance performance of end point security controls
Desired Skill Sets
- BS in Engineering, Computer Science or related Science degree
- Minimum of 10 years managing a team of cyber security professional.
- Experience managing a team of security professionals including operation security (vulnerability management, security architecture, malware detection) as well as governance and compliance with FISMA and accreditation
- Experience with Federal IT security mandates and requirements
- Familiarity with implementing an Accreditation program
- Implemented security programs and controls for cloud based applications
- Certified Information Systems Security Professional or similar industry certification
- Familiarity with NIST and FISMA security control requirements
CSRA is an Equal Opportunity Employer and all Qualified Applicants will receive consideration for employment without regard to Race, Color, Religion, Sex, National Origin, Disability Status, Protected Veteran Status or any other Characteristic Protected by Law.