Apply on Employer Site

STR · 2 months ago

Information Systems Security Manager

Woburn, MA

Full-time

Onsite

Mid, Senior Level

$136K/yr - $175K/yr

3+ years exp

Systemstechnologyresearch is a growing technology company specializing in advanced research and development for defense, intelligence, and national security. The Information Systems Security Manager will be responsible for compliance oversight, assessment, and operations of systems, ensuring adherence to various US Government requirements while collaborating with other cybersecurity professionals.

Artificial Intelligence (AI)Machine Learning

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Responsible for the Cybersecurity program as stipulated by various US Government requirements including (but not limited to): Joint Special Access Implementation Guide (JSIG), Intelligence Community Directive (ICD) 503, DCSA Assessment and Authorization Guide (DAAG), and the National Industrial Security Operating Manual (NISPOM)

Perform Assessment and Authorization (A&A) activities, including testing of security controls and preparing/maintaining documentation such as: Standard Operating Procedures (SOP), System Security Plan (SSP), Risk Assessment Report (RAR), Security Controls Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M) reports, etc

Maintain thorough understanding of NIST SP800-53 controls, determines controls applicable to the application, and documents control implementation in the SCTM

Manage and maintain Continuous Monitoring (ConMon) of assigned networks by performing periodic self-inspections, tests, and technical reviews to ensure workstations and servers operate as authorized and accredited

Coordinate with program and project stakeholders, Cybersecurity staff (including other ISSMs, ISSOs, and ISSEs), the Facility Security Officer (FSO), the Contractor Special Security Officer (CSSO), and other Security and IT team members to define, implement, and maintain an acceptable information systems security posture

Responsible for security sustainment activities including (but not limited to): hardware change management, software change management, account management, media protection, user interface, file transfers, etc

Assists the FSO, CSSO and Computer Incident Response Team (CIRT) in data spill incident response

Perform other tasks as assigned by manager

Qualification

DoD 8140/8570 IAM Level IIINIST SP800-53 controlsAssessmentAuthorizationVulnerability toolsAuthorization databasesCustomer serviceCommunicationCritical thinkingDetail-orientedTeamwork

Required

Active Top Secret security clearance with the ability to obtain SAP and SCI access (U.S. citizenship required)

DoD 8140/8570 IAM Level III certification (CISM, CISSP, etc.)

3-5 years as an ISSM implementing JSIG, DAAG, and/or ICD 503 IS requirements

Previous security experience in a SAP/SCI environment

Experience with configuration, certification, and auditing/analysis of Windows/Linux operating systems in Peer-to-peer, LAN, and WAN network environments

Familiarity with vulnerability, compliance, and audit tools (Nessus, SCAP, Splunk, etc.)

Understanding of authorization/accreditation databases (eMASS, Xacta, SNOW, etc.)

Excellent communication skills

Strong critical thinking and problem-solving skills

Detail-oriented and self-motivated

Ability to effectively prioritize multiple projects

Strong customer service skills

Ability to work well in a team environment and adapt to changing project priorities