Information Systems Security Manager (ISSM)


Responsibilities


The primary responsibility of the Information Systems Security Manager (ISSM) is to establish, document and monitor the Customer’s cyber security program implementation plan, and ensure compliance with published DoD policies and regulations governing these programs. The ISSM must have a working knowledge of cyber security policies and technical cyber security protection measures, including the Risk Management Framework (RMF), DISA Security Technical Implementation Guides (STIGs), Enterprise Mission Assurance Support Service (EMASS), and other applicable systems and regulations. The ISSM will lead the effort to make risk-based recommendations to authorizing officials for initial or continued operation on the DoDIN.

Responsibilities of this position include:
  • Provide direct guidance on issues and tasks related to cybersecurity and the associated administration, development, policy, plans, programs, and initiatives as the Information System Security Manager (ISSM).
  • Manage the Risk Management Framework (RMF) System Authorization process to ensure all customer systems connected to the Army portion of the DoD Information Network (DoDIN) meet all established requirements.
  • Prepare the IA certification and accreditation documentation.
  • Assist with preparation of cybersecurity recommendations for the secure connection of systems and networks operated by other organizations to systems operated under the approval of the Theater Authorizing Official.
  • Provide cybersecurity technical review and validation of all proposed IT projects.
  • Analyze requirements for Cybersecurity services and related support within the area of operations.
  • Evaluate cost-benefit, economic, and risk analyses in the decision-making process.
  • Execute the Risk Management Framework (RMF) as defined in National Institute of Standards and Technology (NIST), Department of Defense (DoD), and Army guidance.
  • Coach, mentor, and train personnel in RMF implementation, operation, and maintenance, including use of the Enterprise Mission Assurance Support Service.
  • Review assigned IT capabilities for compliance with RMF and evaluate the security risk of operating assigned systems on the DoD Information Network (DoDIN).
  • Make risk-based recommendations to authorizing officials for continued or initial operation on the DoDIN.
  • Provide enclave IA guidance for development of the COOP.
  • Advise the DAA of changes affecting the enclave’s IA posture.

Required Skills

  • 8+ years of experience in Information Assurance and Security
  • 10+ years of management experience
  • Ability to perform IAM Level III functions listed in Table C4.T7. of DoD 8570.01-M Information Assurance Workforce Improvement Program
  • Excellent documentation skills including experience creating and maintaining network and system diagrams
  • Knowledge of information assurance procedures and implementation of technologies to address security controls
  • Knowledge of current methodologies including Continuous Monitoring / Continuous ATO, Assess-Only, ATO management for DevSecOps environments
  • Demonstrated oral and written communication skills
  • Must have and maintain IA baseline certification based on IAM III identified in DoD 8570.01-M Information Assurance Workforce Improvement Program (one of the following): Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Security Leadership Certificate (GSLC), or Certified Chief Information Security Officer (CCISO)
  • Must be a U.S. Citizen
  • Must have an active DoD Secret Clearance, and the ability to hold and maintain a Top Secret Clearance

Preferred Skills

  • Master’s degree in information security and/or assurance
  • Experience with Nessus Security Center / ACAS or other system security scanner
  • GSEC, GSNA, CEH or similar certification desirable
  • Linux/Unix knowledge strongly desired
  • Familiarity with Army Networks including DoDIN and DCO Mission network