Information Systems Security Manager
Industry: Aerospace / Aviation / Defense
Job Category: Information Technology – Security
Job Description:
The Information Systems Security Manager manages a team of professionals in the design, development, implementation, and operation of security programs across the enterprise. This person will oversee information systems security engineering and operations activities, including daily oversight of ISSO and ISSE efforts in the continuous monitoring of authorized systems, including device and system hardening, anomalous activity detection and response, security management applications, review of security documentation, and project engineering. Specific duties will include providing technical direction and oversight to infrastructure ISSOs performing:
- Vulnerability scanning and remediation
- SIEM & Firewall configuration, deployment, and maintenance
- Assessment & Authorization
- Deployment, implementation, and strategy of tools and related Network Security Management Systems
- Works with a Program Manager (SCRUM) to provide regular status reporting of security team projects to senior management and customers
- Responsible for process definition and assurance for network security functions, ensuring configuration documents for deployed security solutions remain current and complete
- Regularly attends conferences and seminars to represent program security interests and keep program abreast of current technologies
- Responsible for senior level incident investigation
Qualifications:
- BS/BA degree in Information Security, Computer Science or a related field
- MS in Information Security, Computer Science or a related field plus 10 years of experience
- Must have a Top Secret/SCI Security Clearance
- A minimum of 7 total years related experience, with specific experience in the following targeted areas:
- Experience with security control implementation per NIST 800-53, JSIG, CNSSI 1253, and/or ISFO Manual
- Configuration management & change control
- Vulnerability assessment and remediation
- POA&M creation & management
- Operating system & network device hardening
- SIEM tool configuration and management
- IS Security documentation creation & proofreading.
- Secure network design
- Incident remediation & response management
- IS Security project management.
- CISSP certification.
- Minimum of 8 years managing a team of Security professionals responsible for continuously monitoring highly secure systems.
- Minimum of 8 years leading IT & IS Security project teams in moving established security & IT processes to RMF-compliant processes.
Preferred Additional Skills:
- CISA or SANS GIAC security certifications strongly desired.
- DCID 6/3, JAFAN 6/3, NISPOM Ch8, or DIACAP Certification and Accreditation experience.
- ITIL v3.0 Foundation certification.
- Ability to lead a team and provide career leadership direction to team members desired.
- Experience in leading network security projects in the Government sector is strongly desired.
- Ability to make decisions quickly as well as demonstrating sound judgment in balancing risk with business needs to offer customers and management optimal security solutions.
- Flexibility to adjust to changing requirements, schedules, and priorities.
- Ability to socialize ideas, make recommendations and gather team consensus to move forward.
- Must have exceptional verbal, written, interpersonal, and presentation skills as well as strong ability to lead and mentor teammates.
Security Clearance:
This position requires the candidate to already possess and maintain an active Top Secret Security Clearance with SCI Access, or to be able to obtain one immediately. To obtain a clearance, you need to be a US Citizen and show proof of citizenship.