Apply on Employer Site

CGI · 3 months ago

Information Systems Security Manager (ISSM), Senior

Arlington, VA

Full-time

Hybrid

Mid, Senior Level

$100K/yr - $200K/yr

5+ years exp

CGI Federal is seeking an Information Systems Security Manager (ISSM) within their Intel sector to advance national security through technology. The role involves developing and maintaining an information security program, managing security operations, conducting risk assessments, and advising leadership on security posture.

AnalyticsApplication Performance ManagementBusiness IntelligenceConsultingCyber SecurityFinanceInformation TechnologyTechnical Support

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Security Operations Management: Oversee daily security operations for both classified and unclassified systems, ensuring policies and procedures are established and followed

Risk Management: Conduct risk assessments, vulnerability analyses, and investigations to identify and mitigate threats and vulnerabilities

Compliance and Authorization: Implement and manage security plans, ensuring information systems comply with government regulations (like the Risk Management Framework - RMF) and maintain Authorization to Operate (ATO) status

Documentation: Create, review, and manage security-related documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and other cybersecurity artifacts

Incident Response: Develop and implement incident response plans, oversee investigations of security breaches, and ensure proper measures are taken to address incidents and vulnerabilities

Team Leadership: Attract, retain, and develop a skilled cybersecurity team, and oversee the implementation of security policies by team members

Configuration Management: Manage the configuration of systems, hardware, and firmware to maintain security integrity and control changes to systems

Strategic Leadership: Advise senior management and stakeholders on the organization's security posture, risks, and cybersecurity requirements

Awareness and Training: Develop and implement information security education and training programs to raise employee awareness of security issues

Qualification

Cybersecurity principlesRisk Management Framework (RMF)Security technologiesRisk assessmentSecurity Clearance TS/SCIGovernment regulations knowledgeIncident responseDocumentation managementTeam leadershipCommunication

Required

Bachelor's degree and/or 5 to 8 years of experience

TS/SCI required with the ability to obtain a TS/SCI with Poly highly desired

Proficiency in cybersecurity principles, risk management frameworks (like RMF), and security technologies

Ability to lead and develop a cybersecurity team

Strong communication skills to advise leadership, interface with government agencies, and collaborate with various stakeholders

Expertise in conducting technical and administrative assessments to evaluate security risks

Understanding of government regulations and compliance standards (such as DoD, NIST, FIPS, and CNSS policies) relevant to information systems security