Information Systems Security Manager

Job Description

This position is contingent upon contract award.

This position requires a strong technical background in systems and network security, along with excellent interpersonal and leadership abilities. This position supports development of IT and Cyber systems. 

Responsibilities:

• Identify information management risks and develop necessary mitigation actions.

• Support cybersecurity in development of controls that would be applicable for Capital Project design, procurement, and operation phases.

• Support cybersecurity in development of cyber security controls for operations.

• Develop production IT and Cyber systems plans that follow NNSA Defense Programs Business Process Systems (DPBPS) requirements and nuclear security enterprise (NSE) best practices.

• Develop production IT and Cyber systems plans that will support the short term and long-term goals.

• Develop production IT and Cyber systems plans that will support production operational technologies (OT) and their associated quality, security and nuclear enterprise assurance (NEA) requirements.

Job Requirements

Experience/Skills: Candidate shall demonstrate the following experience/skills:

• Experience in applying NIST and DOE guidance to IT/Cyber programs.  This includes but is not limited to:

  • NIST SP 800-37 “Risk Management Framework for Information Systems and Organizations”.

  • NIST SP 800-82 “Guide to Industrial Control Systems (ICS) Security”.

  • NIST SP 800-53 “Security and Privacy Controls for Federal Information Systems and Organizations”.

  • NIST SP 800-160 vol 1&2 “Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems”.

• Ability to design, develop, implement, and oversee the cybersecurity controls and response for a Tactical Operations Center (TOC)/Security Operations Center (SOC).

• Understanding of classified and unclassified cybersecurity needs and the ability to work with Derivative Classifiers, Records Management, Information Technology, and other data and security related organizations.

• Experience managing the implementation of security controls established by applicable contract requirements, U.S. Department of Energy (DOE) directives, NIST guidance, system security plans (SSPs) and supporting policies, plans and procedures.

• Experience ensuring plan of actions and milestones (POA&Ms) are prepared and completed for program and/or system level cybersecurity deficiencies found during internal and external assessments.

• Experience ensuring personnel with cybersecurity responsibilities are trained on cyber security requirements, operations, safeguards, and incident handling procedures.

• Experience with the identification and documentation of organization-specific threats to information systems and information in coordination with the operations security (OPSEC) program.

• Experience providing cybersecurity self-assessments and evaluations.

US Citizenship Required: Yes.

Area Security Access: The ability to obtain a Q clearance is required.

Boston Government Services, LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.