Information Systems Security Manager (ISSM)
Company: Peraton
Location: Bellevue
Posted on: March 16, 2023
Job Description:
The Information Systems Security Manager (ISSM) will serve as
the principal advisor on all matters, technical and otherwise,
involving the security of classified information systems under
their purview in the Command Lab Environment for USSTRATCOM.
What you'll do:
The ISSM will be responsible for the following but not limited
to:
* Will perform assessments of systems and networks within the
networking environment or enclave and will identify where those
systems and networks deviate from acceptable configurations,
enclave policy, or local policy. This is achieved through passive
evaluations such as compliance audits and active evaluations such
as vulnerability assessments.
* Establishes strict program control processes to ensure mitigation
of risks and supports obtaining certification and accreditation of
systems.
* Includes support of process, analysis, coordination, security
certification test, security documentation, as well as
investigations, software research, hardware introduction and
release, emerging technology research, inspections, and periodic
audits.
* Ensures the implementation of the Risk Management Framework
(RMF) through the required government policy, makes recommendations
on process tailoring, and participates in and documents process
activities.
* Perform analyses to validate established security requirements
and to recommend additional security requirements and safeguards.
Support the formal Security Test and Evaluation (ST&E) required
by each government accrediting authority through pre-test
preparations, participation in the tests, analysis of the results
and preparation of required reports.
* Document the results of Assessment and Authorization activities
and technical or coordination activity and prepare the System
Security Plans and update the Plan of Actions and Milestones
(POA&M). Periodically conduct a complete review of each system's
audits and monitor corrective actions until all actions are
closed.
* Develops and maintains a formal IS security program and policies
for classified systems under their purview.
* Manage all Risk Management Framework (RMF) activities in
accordance with applicable directives.
* Manage all IA related support functions including installation,
configuration, troubleshooting, assistance, and/or training, in
response to customer requirements.
* Provide oversight and guidance of IA personnel performing system
analysis looking for patterns of non-compliance; ensure appropriate
administrative or programmatic actions which minimize security
risks and insider threats.
* Manage account processes, network rights, and access to Computing
Environment (CE), network environment systems and equipment.
* Manage the remediation/mitigation of security violations to
determine if the network environment has been breached, assess the
impact, and preserve the evidence.
* Provide oversight and guidance ensuring systems are properly
configured, optimized, and tested ensuring all policy and technical
requirements are met.
* Manage all IA related processes and procedures in the development
of and implementation of access control lists on routers,
firewalls, CE, printing devices, and other network devices.
* Assess the performance of IA security controls within the
environment. Develop and implement an effective IS security
education, training, and awareness program.
* Manage, maintain, and execute the IS continuous monitoring plan.
Identify IA vulnerabilities resulting from a departure from the
implementation plan or that were not apparent during testing.
Perform control validation and remediation validation of network
servers, routers, and switches to ensure they comply with security
policy, procedures, and technical requirements.
* Evaluate potential IA security risk and take appropriate
corrective and recovery action.
* Ensure that hardware, software, data and facility resources are
archived, sanitized, or disposed of in a manner consistent with
system security plans and requirements.
Required Qualifications:
Education: BS 8-10, MS 6-8, PhD 3-5
Clearance: Ability to obtain TS/SCI
Certifications: IA cert commensurate to IATT Level III (i.e.,
CISSP)
Desired Qualifications:
* CISSP
* CASP+ CE
* CISA
* GCED
* GCIH
* CISM
* GSLC
* CEH
* CAP
Peraton drives missions of consequence spanning the globe and
extending to the farthest reaches of the galaxy. As the world's
leading mission capability integrator and transformative enterprise
IT provider, we deliver trusted and highly differentiated national
security solutions and technologies that keep people safe and
secure. Peraton serves as a valued partner to essential government
agencies across the intelligence, space, cyber, defense, civilian,
health, and state and local markets. Every day, our employees do
the can't be done, solving the most daunting challenges facing our
customers.
An Equal Opportunity Employer including Disability/Veteran.
Colorado Salary Minimum: $80,300
Colorado Salary Maximum: $194,700
The estimate displayed represents the typical salary range for this
position, and is just one component of Peraton's total compensation
package for employees. Other rewards may include annual bonuses,
short- and long-term incentives, and program-specific awards. In
addition, Peraton provides a variety of benefits to employees.
Keywords: Peraton, Bellevue, Information Systems Security Manager (ISSM), Executive, Bellevue, Nebraska