Austin, TX US
Information Systems Security Manager (ISSM)
Location: Austin, TX
Salary: $130k + annual bonus
Industry: Dept. of Defense
Clearance: Active Secret Required
- Holds an Active DoD Secret security clearance.
- 5+ years' recent experience as an ISSM in a DoD environment with a history of obtaining long-term ATOs.
- Possesses a strong working knowledge of the NISPOM, DAAPM, NIST SP 800-53, and eMASS procedures.
- Understands the technical configurations of Windows and Linux Operating Systems in physical and virtual environments.
- Must have the ability to read and understand event logs from Windows and Linux.
- Must have the following Information Assurance certifications:
  - CDSE/STEPP Risk Management Framework ISSM Training Curriculum as required per the current version of the DAAPM.
  - DoD 8570.01-M certification at IAT level 2, such as Security+.
  - Higher-level certifications such as CISM or CISSP strongly desired.
- BS in an IT-related or equivalent systems-related discipline.
- Knowledge of tools for parsing logs, scanning operating systems for vulnerabilities, and compliance checking is preferred at hire and required within 6 months of hire.
- The ability to identify security vulnerabilities in a broad spectrum of hardware and software products and provide risk mitigation solutions.
- In-depth knowledge of change control, configuration management and information assurance processes and procedures.
- Experience in handling security incidents and conducting investigations with little supervision.
- Provide clear guidance to company employees and recommend modifications to operations policies and/or procedures as appropriate.
- Provide Configuration Management of each system to include assessments of modifications and vulnerabilities.
- Develop and maintain a classified IS Security Program. Write, implement and enforce IS Security Policy. Ensure system security measures comply with applicable government policies. Develop and maintain all information systems documentation in accordance with mandated policies.
- Develop and implement procedures for responding to security incidents and investigating and reporting security violations and incidents as appropriate.
- Ensure systems and data are protected, operated, maintained, and disposed of in accordance with security policies and practices as outlined in the RMF document package.
- Develop automated processes to assist in maintaining system compliance, required patches, and documentation updates.
- Recommend and provide backup, recovery and architecture changes.
- Develop training materials as required by the security controls and as defined in the RMF SSP and standard operating procedures covering all technical and administrative aspects of system operations. Ensure all IS Users receive the necessary Information Assurance and Security Training to perform their duties. Ensure all ISSOs follow established IS policies and procedures.
- Collaborate with IS Security personnel at other organizations, including Defense Counterintelligence and Security Agency (DCSA). Conduct security self-inspections, apply risk mitigation methodologies, support customer assessments and DCSA Security Reviews. Implement security measures to meet requirements and correct any noted vulnerabilities.