Apply on Employer Site

Rividium Inc · 12 hours ago

Information Systems Security Manager - Intermediate

Springfield, VA

Full-time

Onsite

Mid Level

RiVidium Inc, (dba TripleCyber), is seeking an individual to be responsible for the cybersecurity of a program, organization, system, or enclave. The role involves acquiring resources for IT security, advising senior management on security posture, and ensuring the effectiveness of cybersecurity safeguards.

AnalyticsInformation TechnologySoftware

Responsibilities

Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk

Acquire necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program

Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture

Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements

Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture

Collect and maintain data needed to meet system cybersecurity reporting

Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders

Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance

Ensure that security improvement actions are evaluated, validated, and implemented as required

Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment

Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s)

Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture

Establish overall enterprise information security architecture (EISA) with the organization's overall security strategy

Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed

Evaluate cost/benefit, economic, and risk analysis in decision-making process

Identify alternative information security strategies to address organizational security objectives

Identify information technology (IT) security program implications of new technologies or technology upgrades

Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information

Interpret and/or approve security requirements relative to the capabilities of new information technologies

Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program

Lead and align information technology (IT) security priorities with the security strategy

Lead and oversee information security budget, staffing, and contracting

Manage the monitoring of information security data sources to maintain organizational situational awareness

Manage the publishing of Computer Network Defense guidance (e.g., TCNOs, Concept of Operations, Net Analyst Reports, NTSM, MTOs) for the enterprise constituency

Manage threat or target analysis of cyber defense information and production of threat information within the enterprise

Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection

Oversee the information security training and awareness program

Participate in an information security risk assessment during the Security Assessment and Authorization process

Participate in the development or modification of the computer environment cybersecurity program plans and requirements

Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations

Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans

Provide leadership and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities

Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies

Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements)

Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations

Qualification

Cybersecurity managementRisk assessmentInformation security architectureIncident responseAWSLog auditingITIL V4 FoundationLeadershipCommunicationCollaboration

Required

Associate's degree or higher from an accredited college or university (Prefer an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree, or a degree in a Mathematics or Engineering field.)