Information Systems Security Manager (ISSM)

R2S is presently seeking an Information System Security Manager to maintain the Information Systems at Raytheon-Rafel Area Protection Systems, LLC. in Camden, AR.

*The selected candidate must live in or will relocate within 60 minutes of Camden, AR.

Job Summary: The R2S Information Systems Security Manager is responsible for compliance oversight, assessment, and operations of systems under their purview. They will be assigned responsibility under multiple programs and will shape and enforce the overall information security compliance posture across both unclassified and classified systems.

The R2S ISSM also has cognizance of all collateral Classified Information System (CIS) in the Arlington HQ per Commercial and Government Entity (CAGE) code as stipulated by various US Government requirements.

The selected candidate will also take the lead role in implementing the classified digital technology system at the company facility in Camden, AR, and upon certification will act as the site ISSM for this location and cage code in accordance with the above referenced regulations.

Responsibilities to Anticipate:

• Components of the cybersecurity (CS) program include Assessment and Authorization (A&A) activities (documentation preparation, system configuration/validation, certification testing, etc.), security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.), conducting self-inspections, and delivering information systems security education and awareness.
• Components of the CUI (Controlled Unclassified Information) program includes monitoring, audits, recordkeeping, and control of transfer via FTP systems. Monitoring email and system usage in accordance with the Electronic Communication Plan consistent with the company’s Foreign Ownership, Control, and Influence (FOCI) mitigation plan with DCSA. This will entail engagement across senior leadership at R2S and training and coaching of staff across the company.
• Conduct recurring unclassified and classified Cybersecurity reviews on information systems in accordance with DoD Manuals, NIST Special Publications, customer directives, and company policies as applicable (see list below for further details**).
• Develop and execute the R2S Continuous Monitoring Program as required by CA-2 Security Assessments. The ISSM will serve as subject matter expert (SME) on a broad range of Cybersecurity topics, across both unclassified and classified assets. The ISSM may represent the Cybersecurity organization and company to external Cybersecurity counterparts, including those within parent organizations.
• Complete all DCSA and R2S required training within 6 months of appointment (annual requirements thereafter).
• Accountable for all systems under site CAGE: metrics, eMASS, , Continuous Monitoring (ConMon).
• Maintain a working knowledge of all CIS functions, security policies, technical security safeguards, and operational security measures.
• Author and maintain security policies and procedures as required, to include conducting required training for the company.
• Interact and lead discussions with DCSA SCA/ISSP to track items including, but not limited to, upcoming authorizations (ATO), new technologies solutions (i.e., new SIEM, OS, etc.), policy interpretations), and onsite A&A.
• Develop, maintain, and update, in coordination with all system stakeholders (CS Manager, ISO, DT, etc.), applicable site POAM(s) to identify system weaknesses, mitigating actions, resources, and timelines for corrective actions.
• Coordinate DCSA Security Reviews (SR) preparation activities for assigned CAGE in conjunction with site FSO/CS Manager.
• Collaborate with Digital Technology Lead for support to unclassified digital technology maintenance, administration, and security.
• Collaborate with the R2S FSO on maintaining a unified and coherent security architecture.

Basic Qualifications:

• Typically require a bachelor’s degree with eight (8) years of relevant cybersecurity, network security, and/or information technology experience or an advanced with five (7) years of relevant experience as described below.
• At least two years’ experience as the single point-of-contact and/or SME for information security at a company or division of a firm.
• At least four years’ experience supporting cybersecurity compliance as stipulated by DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), and/or National Industrial Security Program Operating Manual (NISPOM) regulations.
• Within six months of hire date, you must obtain and maintain an Intermediate baseline qualification level commensurate with your role as the ISSM as required by DoDD 8140 (8570).
• Cybersecurity ISSMs are required to maintain IAM Level III certification commensurate with their role as required by DoDD 8140 (8570).
• Must live or be willing to relocate to within one hour of Camden, AR.
• At least two years’ experience with compliance-based auditing using the Risk Management Framework (RMF) and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA.
• Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.

Preferred Qualifications:

• Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc.
• Experience working with Israeli defense programs and/or U.S. defense prime contractors.
• Experience working in a FOCI mitigated defense company.
• Experience in the oversight and execution of the Assessment & Authorization processes (Certification & Accreditation), as defined in JSIG/RMF
• Experience in the execution and management of Information System’s (IS) incident response and administrative inquiries/investigations in collaboration with the R2S FSO and DT Lead.
• Experience in and execution of a continuous monitoring/improvement program (to include but not limited to self-inspections, security control assessments, training, log management systems, automated inventory utilities, etc.)

Why R2S? If you have a passion for learning and entrepreneurial spirit, this is the place for you. The R2S team is in expansion and growth mode, so if you enjoy a highly collaborative environment and not being siloed in a collective effort to see mission success, R2S is the place for you. We offer flexible scheduling (9/80 work schedule), competitive leave package with a holiday shutdown, and other competitive benefits. At R2S, you can grow personally and professionally through energizing work in a mission focused environment where expanding your professional knowledge is encouraged.

More Information:

This position requires the eligibility to obtain a security clearance. The Defense Industrial Security Clearance Office (DISCO), an agency of the Department of Defense, handles and adjudicates the security clearance process. More information about Security Clearances can be found on the US Department of State government website here: https://www.state.gov/m/ds/clearances/c10978.htm

R2S is An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Job Type: Full-time

Pay: $135,000.00 - $185,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Flexible schedule
• Health insurance
• Life insurance
• Paid time off
• Vision insurance

Compensation package:

• Bonus opportunities
• Holiday pay

Experience level:

• 8 years

Schedule:

• Monday to Friday

License/Certification:

• CISSP (Preferred)

Security clearance:

• Confidential (Required)

Ability to Relocate:

• Camden, AR 71701: Relocate with an employer provided relocation package (Required)

Work Location: Hybrid remote in Camden, AR 71701