Apply on Employer Site

Amentum · 2 weeks ago

Information Systems Security Manager (ISSM) 2 - TS/SCI w/Poly

Fort Meade, MD

Full-time

Onsite

Senior Level, Lead/Staff

$175K/yr - $217K/yr

10+ years exp

Amentum is seeking an Information Systems Security Manager (ISSM) to support mission-critical projects in the Cyber, Security, & Intel space. The ISSM will manage the Information Assurance program, ensuring compliance with security policies and overseeing daily security operations.

Mechanical EngineeringSecurityTechnical Support

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Provide management support for a program, organization, system, or enclave's Information Assurance program

Provide management support for proposing, coordinating, implementing, and enforcing Information System Security policies, standards, and methodologies

Manage operational security posture for an Information System or program to ensure Information System Security policies, standards, and procedures are established and followed

Provide management of security aspects of the Information System and perform day-to-day security operations of the system

Assist ISSEs and ISSOs with evaluating security solutions to ensure they meet security requirements for processing classified information

Manage the performance of vulnerability/risk assessment analysis to support security authorization

Provide management support to configuration management (CM) for information system security software, hardware, and firmware

Manage changes to systems and assess the security impact of those changes

Manage the process and preparation of documentation reviews to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)

Support security authorization activities in compliance with NSA/CSS Risk Management Framework (RMF) process and DoD Information Assurance Certification and Accreditation Process (DIACAP)

Perform requirements gathering and analysis of said requirements

Perform functional analysis to identify required tasks and their interrelationships

Identify and map current security infrastructure as a foundation to define future programs

Collaborate with engineers on systems integration efforts

Plan and coordinate implementation of IT security programs and policies

Analyze user needs to determine functional and cross-functional requirements

Gather and organize technical information about an organization's mission goals and needs, existing security products, and ongoing programs in the multi-level security arena

Perform functional allocation and identify resources required for each task

Perform risk analysis that also includes risk assessment

Enable Government planning, coordination, and oversight of organizational implementation of information security services

Enable design and implementation of future IT systems and related security

Assist Program Managers with administrative and technical oversight with specific programs within the portfolio

Facilitate issue resolution through integrated product teams and Technical Exchange Meetings (TEM)

Provide support for a program, organization, system, or enclave's information assurance program

Provide daily oversight and direction to contractor ISSOs

Oversee efforts of engineering staff to design, develop, engineer, and implement solutions to security requirements

Interact with customers, IT staff, and high-level corporate officers to define and achieve required Cybersecurity objectives

Serve as the Program's ISSM

Enable the Government with the development and implementation of NSA IT security services

Collaborate with engineers on systems integration and life cycle requirements

Advise Program Managers on administrative and technical oversight matters regarding portfolio programs

Enable Program Managers with administrative and technical oversight assistance with specific programs within the portfolio

Enable design and implementation of future IT systems and related security

Qualification

Information AssuranceSecurity AuthorizationRisk Management FrameworkCyber SecurityIAM Level II CertificationVulnerability AssessmentConfiguration ManagementPKI ServicesFunctional AnalysisTechnical OversightIssue ResolutionCollaboration

Required

Compliance with DoD 8570.01-M with a minimum certification of IAM Level II is required

Ten (10) years of related work experience in the field of security authorization

Bachelor's degree in Computer Science, Cyber Security or IT Engineering is required

+ In lieu of a Bachelor's degree, an additional four (4) years of work-related experience may be substituted for a total of fourteen (14) years

Experience in the following areas is required: Knowledge of current security tools, hardware/software security implementation; communication protocols; or encryption tools and techniques

Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services

Active TS/SCI with Polygraph