ISSM

McLean, VA

Job ID: 126408 Industry: Government

INFORMATION SYSTEMS SECURITY MANAGER

Candidate MUST HAVE a TS/SCI with a polygraph security clearance in order to be considered.

Program Description:

Our client’s program provides Mission Support Services to this Intelligence Customer. As part of this effort, they are looking for an Information Systems Security Manager. The ISSM will provide advice and guidance to the Sponsor on the implementation of security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information, and on Certification & Accreditation (C&A) deliverables and process.

Day to Day Responsibilities:
  • SENIOR Security Control Assessor, ideally with 10 plus years as an SCA and at least a couple of years doing assessments in the Amazon Cloud environment. The sponsor is looking for someone who knows the business and can take the rest of the team to the next level.
  • Working knowledge of security vulnerability testing tools: Nessus, AppDetective, WebInspect, NMAP, & self-scans.
  • Experience with doing assessments (testing) in the Cloud (AWS/C2S/Cloud Experience).
  • Working knowledge of systems and network designs
  • Should have familiarization with Security Categorization and Control Selection
  • Prepares, maintains, and implements an SSP that accurately reflects the security protection measures for each classified information system for which he or she is responsible.
  • Provide written recommendations, in sufficient detail to permit the Information Systems Security Manager (ISSM) to make an informed, independent decision to grant and/or disapprove System Security Plans submitted for review.
  • Works closely with the System Administrator to maintain the system's security and accreditation status.
  • Ensures implementation of these security measures by conducting security reviews of system tests (self-scans).
  • Verifies users' access requests are approved; controls users' access.
  • Ensures users are instructed on the appropriate use of computer systems.
  • Provide direct customer support for knowledge-based implementation of security features on laptops, workstations, servers, and network components as required.
  • Implements site procedures for marking, handling, controlling, removing, transporting, sanitizing, reusing, and destroying media/equipment containing classified information.
  • Should have a thorough understanding of the federal rules and regulations that encompass the SCI and collateral security process.
  • Security Categorization and Control Selection For National Security Systems (CNSS Instruction No. 1253), dated March 2014
  • ICD 503 Intelligence Community Information Technology Systems Security: Risk Management, Certification and Accreditation, September 15, 2008

Required:
  • Vulnerability Assessment Testing
  • Penetration Testing
  • ICD 503
  • AWS (Amazon)
  • Working knowledge of security vulnerability testing tools: Nessus, AppDetective, WebInspect, NMAP, & self-scans.

Desired:
  • CISSP

Job Type:  Full Time 
