Information System Security Manager (Issm)

Company Overview
Millennium Space Systems, A Boeing Company delivers affordable, high-performance space systems for exacting customers. At Millennium, you will be part of a close-knit team working on exciting technological problems. We work in an open environment where ideas are shared across all disciplines, and there are ample opportunities for advancement based on excellence. Superstars are welcome.
At Millennium, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity, and inclusion are core values. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Job Summary
As an Information SystemsSecurity Manager (ISSM) at Millennium Space Systems, your job is to ensure that the classified and controlled systems that Millennium is responsible for comply with all customer-defined security requirements and applicable federal regulations.
The candidate will be responsible for driving accountability for Cybersecurity controls within classified and controlled programs.
This position's internal job code is Info Sec & Governance Spec. Our team is currently hiring for level 4.
Responsibilities

• Ensure daily and weekly information assurance activities, such as auditing and patching classified systems are being performed, with the goal of maintaining all systems in compliance with corporate and government directives, regulations, and policies
• Create new and manage existing assessment and authorization packages and perform all tasks necessary to obtain and maintain authorization to operate (ATO), such as the implementation of security controls, planning, writing procedures for, and conducting certification testing, facilitating third party certification and penetration testing, addressing plan of action and milestones (POA&M) items, and continuous monitoring activities
• Lead ISSOs and ensure that system authorization packages take into consideration the requirements of government agencies and the owner/users of the systems such as program managers, system engineers, and developers
• Participate in or lead planning and executing risk management activities such as disaster recovery, continuity of operations, and incident response
• Participate in or lead computer forensic activities such as using tools and techniques for attack reconstruction, root cause analysis, and providing fix actions, recommendations
• Provide administrative support for security policy development and maintenance

Minimum Qualifications

• This position requires an active TS/SCI U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. (More information on this process can be found by following the Mandatory Security Clearance and Access Process Disqualifying Criteria link which is listed in the job posting).
• In scope Tier 5(T5)/Single Scope Background Investigation (SSBI)
• 4 years of experience within the InfoSec industry
• Certification(s) and experience commensurate with at least Information Assurance Manager Level II (IAM Level II) as specified by DoDD 8140
• Experience in classified environments (e.g.: Collateral, SCI, SAP)
• Proficient knowledge of the Risk Management Framework as provided by NIST Special Publication (SP) 800-37, controls provided in NIST SP 800-53, and assessments provided by NIST SP 800-53A and derived policies, such as the Intelligence Community Directive Number 503 (ICD-503) or the Joint Special Access Program (SAP) Implementation Guide (JSIG)
• Proficient knowledge and experience with completing and submitting accreditation or assessment and authorization packages
• Ability to audit and verify security controls as part of industry standard system hardening or in accordance with customer requirements
• Ability to communicate complex concepts with senior management, technical personnel, and external entities including senior representatives of the US Government and teammates
• Ability to audit, scan for vulnerabilities, and continuously monitor mixed (Windows, Linux, and devices) computer systems using tools such as Tenable Nessus and Splunk

Preferred Qualifications

• Ability to participate in or manage Computer Incident Response Team (CIRT) activities, including computer forensic analysis
• Ability to analyze network traffic using common security devices such as firewalls and intrusion detection systems
• Familiarity with Public Key Infrastructure (PKI) and other authentication / encryption framework

Please note that the salary information shown below is a general guideline only of what is reasonably expected to be paid for the position. Salaries are based upon candidate experience and qualifications, as well as market and business considerations.
Summary Pay-Range

• Level 4: $124,000 - $182,500

Benefits and Perks
Millennium Space Systems offers a very competitive benefits package to include medical, dental, vision, and 401k plan.
Before applying, please note:
Millennium is DDTC-registered, ITAR-compliant Company. This position is located at a facility that requires special access. Applicants MUST be U.S. citizens and eligible for a security clearance. Additionally, applicants must be willing to apply for and maintain a security clearance. We are proud to be an Affirmative Action/Equal Opportunity Employer. We encourage veterans, disabled veterans and disabled individuals to apply for any open position for which they feel they are qualified.
Applicant Privacy Policy
Mandatory Security Clearance and Access Process Disqualifying Criteria