Key Role:

Serve as an Information Systems Security Manager (ISSM) responsible for the Risk Management Framework (RMF) authorization of assigned Information Systems (IS). Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security plan. Conduct periodic assessments of authorized systems and ensure corrective actions for all identified findings and vulnerabilities are addressed in a timely manner. Assume responsibility for all RMF continuous monitoring activities for authorized systems, including periodic analysis of collected audit records and system vulnerability management cycle. Monitor system incident recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure user activity monitoring data is analyzed, stored, and protected in accordance with our program policies and procedures and execute a strong continuous monitoring strategy. Serve as a career manager for ISSOs.

Basic Qualifications:

• Experience with NIST 800-53, ICD 503, and the Risk Management Framework (RMF) practices, Security Technical Implementation Guides (STIGs), computer networking, and an operating system

• Experience with System Administration functions in a networked environment

• Knowledge of National Industrial Security Program Operating Manual (NISPOM), Joint Special Access Program Implementation Guide (JSIG), Intelligence Community Directives (ICD) 503/703, the RMF process, and associated National Institute of Standards and Technology (NIST) publications

• Knowledge of government classified contracts and DD 254 requirements from an information security perspective

• TS/SCI clearance with a polygraph

• HS diploma or GED

• IAM Level III Certification

Additional Qualifications:

• Experience as an ISSO, ISSM, ISSE, or Security Controls Assessor

• Ability to operate independently without supervision

• Ability to work in a team environment and effectively manage Information System Security Officers

• Ability to identify, contain, investigate, and report data spills to the government through preliminary written reports

• Ability to coordinate the containment and device sanitization with staff at the affected locations

• Ability to provide an assessment and mitigation strategy addressing the data spill in the approved response plan

• Possession of excellent organizational skills

• Possession of excellent verbal and written communication skills

• Bachelor's degree

• CCNA, Red Hat, or Windows Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.

We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.