Job Description
Position Overview: Information Systems Security Manager
Description:
The responsibility of the ISSM is to provide oversight and management of all procedures necessary to ensure accreditation of the USAMMDA enclave.
Performing Cybersecurity activities (formally known as IA - Information Assurance) for a U.S. Army customer.
Coordinate with Government staff, and other Government agencies to assist in the creation, dissemination, direction, and auditing of program policy, standards, and operating procedures.
Utilizing available resources to conduct Cybersecurity activities, and report to site lead and Government personnel on overall program security posture.
Conducting network and system audits for vulnerabilities using Security Technical Implementation Guides (STIGs), ACAS vulnerability scanner, and DISA SCAP to mitigate those findings for desktop and server Windows machines, and associated network operating systems.
Training personnel on new security requirements and STIG updates as they arise to ensure new requirements are being implemented correctly.
Providing oversight of system audits for vulnerabilities using Security Technical Implementation Guides (STIGs), ACAS vulnerability scanner, and DISA SCAP to mitigate those findings for desktop and server Windows machines, and associated network operating systems.
Creating, tracking and reviewing Plan of Action and Milestones (POA&Ms) and conduct solution identification to assist in problem remediation and resolution.
Communicating tactical and strategic threat information to Government leaders, Cybersecurity-Ops and A&A (formerly C&A) Staff to assist them in making cyber risk decisions and to mitigate threats.
Carrying out DoD Risk Management Framework (RMF) in accordance with DoDi 8510 to ascertain Information Systems' security posture by utilizing security control validation activities and coordinating security testing.
Utilizing Security Event generating sources (e.g. Firewalls, Security Appliances, managing system scanning tools such as HBSS and , ACAS).
Working Knowledge of MS Windows Products/Networking/Database (MS-Access, MSSQL).
Working and setting priorities on multiple projects/tasks at once and operate in a dynamic, fast-paced team-oriented environment
Maintaining the Security Accreditation status, including system documentation of entire system enclave.
Coordinating with HQ IA,DHA,DISA, and other organizations in support of audits and inspections and provides all necessary documentation as required for SAVs, ST&Es, and CCRI.
Performing oversight and validation of medical devices developed by USAMMDA within the eMASS system.
Participating in special projects as needed.
Data security administration.
Ability to work and set priorities on multiple projects/tasks at once and operate in a dynamic, fast-paced team-oriented environment.
REQUIREMENT: Candidate must be a US Citizen in order to obtain and maintain an interim and final security clearance. T3 (NACLC) or Secret required.
Experience and Education:
Bachelor's Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
5-8 years of related experience in cyber security management utilizing RMF fundamentals.
Other Requirements:
• Must be familiar with current security policy/manuals
• Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners
• Working knowledge of Microsoft Office (Word, PowerPoint, and Excel)
• Possess a high degree of originality, creativity, initiative requiring minimal supervision
• Willingness to travel within the organizational geographic Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation)
Certifications:
• Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Manager Level 3 within 6 months of the date of hire.
**Position is contingent upon award