Apply on Employer Site

Dobbs Defense Solutions · 1 month ago

Information System Security Manager (ISSM) - Level II

Montgomery County, MD

Full-time

Onsite

Senior Level, Lead/Staff

10+ years exp

Dobbs Defense Solutions is dedicated to delivering mission-centric IT, Cyber, and data analytics solutions for government and commercial clients. They are seeking an Information System Security Manager (ISSM) - Level II to serve as a principal advisor on all matters involving the security of information systems, providing management support for Information Assurance programs and ensuring compliance with security policies and standards.

AnalyticsBusiness IntelligenceCommercialCyber SecurityInformation Technology

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Provide management support for a program, organization, system, or enclave's Information Assurance program

Provide management support for proposing, coordinating, implementing, and enforcing Information System Security policies, standards, and methodologies

Manage operational security posture for an Information System or program to ensure Information System Security policies, standards, and procedures are established and followed

Provide management of security aspects of the Information System and perform day-to-day security operations of the system

Assist ISSEs and ISSOs with evaluating security solutions to ensure they meet security requirements for processing classified information

Manage the performance of vulnerability/risk assessment analysis to support security authorization

Provide management support to configuration management (CM) for information system security software, hardware, and firmware

Manage changes to systems and assess the security impact of those changes

Manage the process and preparation of documentation reviews to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)

Support security authorization activities in compliance with NSA/CSS Risk Management Framework (RMF) process and DoD Information Assurance Certification and Accreditation Process (DIACAP)

Qualification

Information AssuranceCybersecuritySecurity AuthorizationDoD 8570 complianceRisk Management FrameworkVulnerability AssessmentCommunication ProtocolsEncryption TechniquesNetwork Security ServicesSoft Skills

Required

Ten (10) years of combined work-related experience in the fields of IT, cybersecurity or security authorization is required

Experience in several of the following areas is required: knowledge of current security tools, hardware/software security implementation; communication protocols; or encryption tools and techniques

Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services

Bachelor's degree in Computer Science or a related field (e.g. General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cybersecurity, Information Technology, Information Assurance, Information Security, and Information Systems) is required

In lieu of a Bachelor's degree, four (4) additional years of work-related experience may be substituted

DoD 8570 compliance with IAM II is required

The following certifications qualify: CAP, CND, Cloud+, GSLC, Security+ CE, HCISPP

Familiarity with Network Security Services and Chief Information Security Officer processes and procedures

Active TS/SCI with Poly