Information Systems Security Manager (ISSM) - Philadelphia, PA
Indexed description
Conducting risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs.
Developing, updating, and/or reviewing system RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports (RARs).
Providing solutions to complex problems that require the regular use of expertise and creativity. Problems are broadly defined, and solutions require the continuation of specialized theories and knowledge.
Assessing system compliance against NIST, DoD, and Navy security requirements to include the NIST 800-53 controls and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs).
Coordinating with other system SMEs to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories.
Working with system administrators, engineers, and developers to update system/site policies, procedures, and process guides.
Producing evidence as necessary to support compliance status of NIST, DoD, and Navy security requirements.
Performing annual security reviews, annual testing of security controls, and annual testing of the contingency plan in line with FISMA requirements.
Maintaining awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes.
Attending and participating in regular A&A status meetings to facilitate progress and address potential issues of RMF system efforts.
Actively participating in working group meetings to identify, plan, and execute strategies in response to emerging cybersecurity/RMF policies.
Utilizing the Enterprise Mission Assurance Support Service (eMASS) system work-flow for all formal coordination during the RMF process.
Reporting changes in the security posture of systems to the Authorizing Official.
Long term contract based out of the Philadelphia Navy Yard.
Auto req ID
478160BR
Minimum Education Required
High School/GED
Job_Category
Engineering
Additional Qualifications/Responsibilities
Required Qualifications
Bachelor of Science (BS) Degree in Computer Science, Information Technology (IT), Cybersecurity, or Engineering related field and a minimum of 3+ years of professional experience in Cybersecurity / IT.
CompTIA Security+ certification required.
Demonstrated experience with Risk Management Framework (RMF); experience within the DoD a plus.
Experience using the eMASS system.
Experience with vulnerability analysis tools such as Assured Compliance Assessment Solution (ACAS) and Host Based Security System (HBSS).
Candidate must be a US Citizen and have an active DoD clearance, or the ability to obtain one.
Desired Qualifications
- CISSP (or Associate), CASP+ CE, CCNP Security, CISA, GCED, or GCIH certification.
- Experience leading a team through a technical project.
- Proficiency in the use of Microsoft Office suite of applications.
- Basic Technical Writing ability.
City*
Philadelphia
State*
Pennsylvania
Job Code
Engineering Engineering
Affiliate Sponsor
Noblis
Salary Range
$75,000-$100,000
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search