Job Requirements
Maple Grove, MN
Secret Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Join Premium to unlock estimated salaries
Job Description
The Information System Security Manager (ISSM) is responsible for applying Information System (IS) security principles, practices, and procedures under the Risk Management Framework (RMF) to maintain compliance with applicable security regulations, such as NIST, CNSSI, and NISPOM, governing the development and management of classified information systems. This position will be responsible for managing the program’s overarching security effort and representing the program to the sponsor’s security organization. This position requires the ISSM to be a strong advocate for integrating security into front-end requirements and overseeing the implementation and sustainment of security controls in all stages of the program lifecycle. The ISSM will be providing direct support to a U.S. Government sponsor.
*Occasional local and domestic travel may be required for work or training purposes – less than 10%.
Responsibilities
Create and maintain information security related documentation
Implement, maintain, and monitor security controls
Advise developers on integrating security requirements
Achieve and maintain Authorization to Operate classified information systems
Coordinate with sponsor and corporate security organization
Oversee Continuous Monitoring program
Maintain operational security posture for information systems
Provide security related training and guidance to program management and staff
Maintain eligibility for personal security clearance
Perform other duties as assigned
Requirements
Qualifications
Current Secret clearance
IAM Level III certification in accordance with DoD 8570.01M, such as CISSP.
Understanding of NIST 800 series, CNSSI 1253, NISPOM Chapter 8, and related publications
Ability to perform risk assessment and risk management for classified information systems
Familiarity with the RMF process and experience in drafting RMF documentation
Experience in implementing and monitoring technical, administrative, and operational security controls
Ability to maintain organized and complete records
Ability to prioritize competing demands and complete tasks on schedule
Preferred Skills
In addition to the required skills for this position, a qualified candidate for this position will demonstrate a combination of training and hands-on experience in many of the operational and technical skills listed below:
Collaborating in a team environment
Solid written and verbal communication skills
Familiarity with the Xacta or DCSA eMass systems
Security Technical Implementation Guides (STIGs)
Information Assurance Vulnerability Alerts (IAVAs)
Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
MS Windows Server – Group Policy Objects
MS Windows Server - Active Directory
MS Windows Server – System Administration
Reviewing MS Windows security event logs
Use of scanning tools and interpreting results
Security incident management
Working with hardware and software vendors
This position requires access to controlled technical data and/or participation in activities subject to the International Traffic in Arms Regulations (ITAR). As such, all applicants must be U.S. persons, as defined by ITAR (U.S. citizens, U.S. lawful permanent residents, or individuals with refugee/asylee status). Candidates who do not meet ITAR eligibility requirements will not be eligible for employment in this position.
*Occasional local and domestic travel may be required for work or training purposes – less than 10%.
Responsibilities
Create and maintain information security related documentation
Implement, maintain, and monitor security controls
Advise developers on integrating security requirements
Achieve and maintain Authorization to Operate classified information systems
Coordinate with sponsor and corporate security organization
Oversee Continuous Monitoring program
Maintain operational security posture for information systems
Provide security related training and guidance to program management and staff
Maintain eligibility for personal security clearance
Perform other duties as assigned
Requirements
Qualifications
Current Secret clearance
IAM Level III certification in accordance with DoD 8570.01M, such as CISSP.
Understanding of NIST 800 series, CNSSI 1253, NISPOM Chapter 8, and related publications
Ability to perform risk assessment and risk management for classified information systems
Familiarity with the RMF process and experience in drafting RMF documentation
Experience in implementing and monitoring technical, administrative, and operational security controls
Ability to maintain organized and complete records
Ability to prioritize competing demands and complete tasks on schedule
Preferred Skills
In addition to the required skills for this position, a qualified candidate for this position will demonstrate a combination of training and hands-on experience in many of the operational and technical skills listed below:
Collaborating in a team environment
Solid written and verbal communication skills
Familiarity with the Xacta or DCSA eMass systems
Security Technical Implementation Guides (STIGs)
Information Assurance Vulnerability Alerts (IAVAs)
Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
MS Windows Server – Group Policy Objects
MS Windows Server - Active Directory
MS Windows Server – System Administration
Reviewing MS Windows security event logs
Use of scanning tools and interpreting results
Security incident management
Working with hardware and software vendors
This position requires access to controlled technical data and/or participation in activities subject to the International Traffic in Arms Regulations (ITAR). As such, all applicants must be U.S. persons, as defined by ITAR (U.S. citizens, U.S. lawful permanent residents, or individuals with refugee/asylee status). Candidates who do not meet ITAR eligibility requirements will not be eligible for employment in this position.
group id: ClearanceJobsSC