Information Security Director jobs in Philadelphia, PA

• Full life cycle DoD RMF support including the development, submit ion, and maintenance of RMF packages.
• Develop supporting policies, plans, and strategy documents.
• Develop and maintain in eMASS a Plan of Action and Milestone (POA&M).
• Maintain, validate, and document system configuration vulnerability baseline, current vulnerability scan data, and cyber directives in Vulnerability Remediation Asset Manager (VRAM).
• Coordinate with the government-appointed NQV throughout the A&A/AO package creation and processing.
• Manage, attend, and support Configuration Control Board (CCB) practices.
• Perform risk management and security engineering for systems including IAVM support.
• Develop and execute cybersecurity Ship Change Documents, evaluating vulnerabilities, eMASS POA&Ms, identify solutions to mitigate risk.
• Evaluate discrepancies reported by NQVs, recommend mitigation measures.
• Implement configuration version control practices and processes.
• Plan and coordinate security measures to safeguard information.
• Plan and support the installation and testing of new products and improvements to computer systems, such as the installation of new databases.
• Develop and prepare implementation-and-maintenance, access control, inventories, and communications-documentation, as well as Standard Operating Procedures (SOPs).
• Establish Department-level performance metrics to assess the health of programmatic and business aspects, and facilitation of strategic planning sessions.
• Configuration Management of system related software products, requirements documentation and interface specifications.
• Develop cost estimates/models to ensure sufficient funding to meet all requirements are followed throughout RMF life cycle.
• Manage, attend, and support Configuration Control Board (CCB) practices.
• Perform risk management and security engineering for systems including IAVM support, remediation, patching, scanning and associated boundary maintenance.

• Bachelor's degree in computer science or any technical information technology field.
• Three (3) years total of practical experience in any Cybersecurity, Engineering, Test & Engineering (T&E), or A&A (formerly C&A) related field, which shall include three (3) concurrent years of experience implementing Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) and the use of the following Information Assurance tools: DISA Enterprise Mission Assurance Support Service (eMASS) and Assured Compliance Assessment Solution (ACAS).
• Current secret or above security clearance.
• IAT Level 2 Certification (CCNA-Security, CySA **, GICSP, GSEC, Security CE, CND, SSCP).

• Working knowledge of the Naval Sea System Command, Naval Surface Warfare Center, and Fleet organizations is desired.

• Attending mandatory, annual training sessions
• Providing regular status reports to management summarizing progress, challenges, metrics, and recommendations
• Collaborating with team members to ensure effective communication and coordination
• Attending recurring team meetings or huddles
• Assisting in the development of new initiatives

JL4mgN7eL3