Information Systems Security Manager

Overview

Axient is seeking an experienced Information System Security Manager (ISSM) to support 96 Range Support Squadron at Eglin AFB, FL.

Responsibilities

• Assists squadron cyber lead/ISSM in developing strategy, documenting and implementing policy/procedures, and assessing cybersecurity program effectiveness in meeting DoD, USAF and Organizational cyber requirements.
• Researches, recommends solutions, and assists implementation of new technologies (e.g., high-performance computing, task automation tools) for improving/modernizing network infrastructure capabilities while reducing cyber vulnerability risk and impacts.
• Consults with program managers early in the system development life cycle to define system-level technical/administrative security requirement baselines that implement organizational IT/security goals and objectives.
• Evaluates system security architectures to ensure confidentiality, integrity, availability, authentication, and non-repudiation capabilities are implemented at acceptable risk levels.
• Implements organizational configuration management policy and conducts continuous monitoring of system configurations. Recommends remediation actions to ensure cybersecurity standards are met and security controls are operating as intended.
• Tests and evaluates information system security requirements implementation throughout the system development lifecycle to provide input to system RMF authorization processes, assess system-level risk associated with known threats/vulnerabilities, recommend risk mitigation/remediation actions, and conduct/document risk assessments.
• Responsible for the continuous monitoring, assessing, and reporting on the cybersecurity posture of assigned, deployed information systems and network enclaves in concert with DoD, USAF, and organizational guidance/requirements.
• Recognizes and reports potential security incidents. Supervises/manages protective/corrective measures in accordance with organizational policy when a security incident/vulnerability is discovered.
• Assesses and documents the risk associated with new/existing Government Off-the-Shelf (), and Open-Source software applications. Recommends approval decision for program manager/configuration control board decision.
• Performs assessments/audits of assigned systems/enclaves and identifies deviations from acceptable configurations, policy, or standards. Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Reports system assessment/audit findings to squadron ISSM and system program manager for remediation.
• Proficient in DoD/USAF/AFMC system authorization processes; Assists development and documentation of System Security Plans and Approval To Operate documentation artifacts and proficient in the use of Enterprise Mission Assurance Support Service (.
• Assists the development, documentation, and coordination of Memorandums of Agreement/Understanding and Interconnected Security Agreements for interconnected information systems/enclaves.
• Performs and analyzes vulnerability, compliance, and configuration scans using ACAS, ESS, and STIG assessment tools.

Core Knowledge, Skills, Abilities and Attributes:

• Knowledge of national, DoD, and USAF guidance, policies, standards, and ethics as they relate to cybersecurity.
• Knowledge and ability to identify cybersecurity threats and vulnerabilities and their operational impacts to cybersecurity principles of confidentiality, integrity and availability.
• Knowledge of computer networking concepts, protocols, and network security methodologies.
• Knowledge and ability to implement DoD/USAF Risk Management Framework (RMF) processes, conduct risk assessments, and recommend mitigations to reduce risk impacts.

Qualifications

• Must be a US Citizen. 
• Active/transferrable Secret clearance required. Top Secret clearance desired.
• Bachelor degree or higher from an accredited college or university in Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field.
• 3 year’s experience in applicable discipline; Experience may be substituted for education with customer approval. 

DESIRED EXPERIENCE

• Must be able to work effectively alone, unsupervised, or within a group.
• Must be able to work in a fast-paced environment while being able to prioritize work to balance multiple projects and deadlines.
• Excellent verbal and written communication skills along with customer interaction and presentation capabilities required. 
• Meets DoD Cyber Workforce Framework, Cybersecurity Element, Intermediate-level Information System Security Manager, Role ID 722 qualifications IAW DoDM 8140.03.
• Current personnel certification as: Certification Authorization Professional (CAP)/Certified in Governance, Risk and Compliance (CGRC); CompTIA Advanced Security Practitioner (CASP ); Certified Chief Information Security Officer (CCISO), Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM), Certified Information System Security Professional (CISSP), Cloud , or System Security Certified Practitioner (SSCP).