Apply on Employer Site

Boeing · 5 hours ago

Cybersecurity - Information System Security Manager (ISSM)

USA - Oklahoma City, OK

Full-time

Onsite

Mid, Senior Level

$117K/yr - $159K/yr

3+ years exp

The Boeing Company is a leading aerospace company currently seeking a highly motivated Cybersecurity – Information System Security Manager (ISSM) to join their team in Oklahoma City, OK. The ISSM will be responsible for ensuring all Information System Security policies and standards are enforced, supporting assessment, authorization, and continued operation of information systems processing classified information.

AerospaceIndustrial

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards

Lead and implement the Assessment and Authorization (A&A) processes under the Risk Managed Framework (RMF) for new and existing information systems

Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL) and support Continuous Monitoring (CONMON)

Configure management of assigned systems; auditing systems to ensure security posture integrity

Lead staff with assessments and test/analysis data to document state of compliance with security requirements

Conduct risk assessments and investigations, implement appropriate risk mitigations, and coordinate incident response activities

Conduct periodic hardware/software inventory assessments

Serve as organization spokesperson on sophisticated projects and programs

Acts as advisor to management and customers on sophisticated technical research studies

Collaborate with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements

Supervises the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures

Handles assigned team to facilitate effective execution of Risk Management Framework (RMF)

Provides guidance and mentor to support team within Information Security

Leads and performs security compliance continuous monitoring

Coordinates and participates in security assessments and audits

Prepares, reviews, and presents technical reports and briefings

Identifies root causes, prioritizes threats and recommends and/or implements corrective action

Explores the enterprise and industry for evolving state of industry knowledge and methods regarding information security best practices

Leads development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple partner organizations

Qualification

CISSPRisk Management Framework (RMF)Information Assurance (IA)NESSUSCISMGSLCSoft Skills

Required

Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC, or CISM)

3+ years of experience in cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series

Preferred

3+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs

3+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS

3+ years of experience in assessing and documenting test or analysis data to show cyber security compliance