Information Systems Security Manager

Overview

SOSi is currently seeking an experienced Information Systems Security Manager for our team in Ramstein AB, Germany for a temporary, short-term project. The candidate will be responsible for planning, implementation, and maintenance of security measures to protect information technology networks and systems. Works with customers, partners, stakeholders, and team members to develop and implement DoD security procedures.

Essential Job Duties

• Work directly with Security Control Assessor (SCA) / Cyber Risk Assessor (CRA) team to evaluate risk associated with ongoing operational needs.
• Participate in the planning, design, and implementation of enterprise security architecture.
• Serve as a Subject Matter Expert with respect to National-level Security Policies to include ICD 503, NIST SP-800 Series, and CNSS Instruction 1253.
• Communicate and interact with all system stakeholders to include Senior Management, Senior ISSMs/ISSOs and the Authorizing Official.
• Ensure ISSOs and stakeholders follow all information security policies, standards, and methodologies to obtain and/or maintain security authorizations.
• Provide support to the Government on all matters (technical and otherwise) involving the cyber security.
• Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis.
• Support the development and updating of the system security plan, as well as managing and controlling changes to the system and assessing the security impact of those changes.
• Provide support to plan, coordinate, and implement IT security programs and policies.
• Provide configuration management guidance for security-relevant information system software, hardware, and firmware.
• Ensure that protection and detection capabilities are acquired or developed using the information system (IS) security engineering approach and are consistent with organization-level cybersecurity architecture.
• Establish overall enterprise information security architecture (EISA) with the organization's overall security strategy.
• Process security requirements relative to the capabilities of new information technologies.
• Manage threat or target analysis of cyber defense information and production of threat information within the enterprise.
• Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure they provide the intended level of protection.
• Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
• Support policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
• Ensure plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
• Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals.
• Implement and maintain corporate security policies and procedures.
• Participate in vulnerability audits, investigations and mitigation procedures associated with threat analysis.
• Support organization-wide training in security awareness, protocols and procedures.

Minimum Requirements

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field; OR equivalent experience.
• Minimum four years of experience in information security, cybersecurity, or a related role.
• Must possess at least a final secret security clearance or higher.
• Experieince with e-MASS, RMF and NIST 800-53, version 4 or higher.
• Must posses at least an IAT-Level II certification or higher such as Security+.
• Strong analytical and problem-solving abilities, with a keen attention to detail.
• Excellent written and verbal communication skills, with the ability to clearly convey complex security concepts to non-technical stakeholders.
• Ability to work effectively both independently and as part of a team in a fast-paced environment.

Work Environment

• This is a temp position which will take place for approximately three to four months.
• Working conditions are normal for an office environment, with occasional remote work options.
• May require the ability to lift/and or move computer hardware and office equipment.

Working at SOSi

All interested individuals will receive consideration and will not be discriminated against for any reason.