Apply on Employer Site

GCI Incorporated · 7 hours ago

Information Systems Security Manager - TS/SCI with Poly Required

Chantilly, VA

Full-time

Onsite

Senior Level

GCI Incorporated is dedicated to providing high-value mission solutions through excellence, integrity, and professionalism. They are seeking an Information Systems Security Manager (ISSM) to design, develop, and implement secure network architecture while ensuring compliance with security requirements and regulations throughout the lifecycle of the A&A process.

Information Technology & Services

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Work with technical team to design, develop, test, and implement new networks and network architecture using current technology, to include authorization and accreditation

Work with the technical team to complete requirements to obtain all required approvals and maintain compliance throughout the full lifecycle of the A&A process

Work with the customer and users to identify and develop system requirements taking into account the desired results, hardware limitations and operating requirements, identified by the Customer

Work with technical team to provide operational testing and recommendations for continuous improvement of equipment and software in support of customer's goals and objectives

Work with the technical team to coordinate across the customer's organization and business partners to expedite operational approvals

Analyze new technologies, hardware, and software to determine the applicability and need for the existing or proposed system, to include security, storage, and network technology

Ensure compliance with the customer's security requirements, incl. those related to data protection, access control, and incident response

Develop and assist with implementing security controls to protect customer systems and data, including firewalls, multi-factor authentication, and encryption

Work with the technical team to conduct internal risk assessments to identify potential security risks and develop mitigation strategies to address them

Prepare and maintain security documentation, incl. System Security Plans, Security Assessment Reports, and Plans of Action and Milestones

Coordinate with the customer's security team to ensure projects meet the Sponsor's security requirements and to address any security-related issues

Implement the customer's A&A process, including preparing and submitting required documentation and leading the team in A&A meetings and reviews

Ensure projects comply with relevant regulations and standards, including those related to data protection and cyber security, such as Defense Information Systems Agency Security Technical Implementation Guides (DISA, STIGs)

Develop and maintain an incident response plan to respond to security incidents, including data breaches and system compromises

Conduct security testing and validation to ensure customer systems and data are secure, including vulnerability scanning and systems hardening

Maintain compliance with the customer's continuous monitoring requirements

Support technical exchange meetings on business and technical requirements

Qualification

A&A processCyber security requirementsSecure communication solutionsCloud infrastructureIncident response planSecurity documentationTechnical system designCompTIA Network+CompTIA Security+CISSPEC-Council CEHSystem security implementationVulnerability scanningTroubleshooting system

Required

Demonstrated experience with designing and implementing secure communication solutions

Demonstrated experience with implementing infrastructure in public cloud

Demonstrated experience with the Intelligence Community Directive (ICD) 503 Assessment and Accreditation (A&A) process and acquiring necessary approvals to develop, implement and operate systems

Demonstrated experience with the A&A processes and cyber security requirements as well as experience with coordinating with multiple entities or organizations to obtain necessary approvals to achieve and maintain Authority to Operate (ATO) status

Demonstrated experience addressing and implementing system security

Demonstrated experience triaging and troubleshooting system

Demonstrated experience producing technical system

Demonstrated experience with designing and implementing cloud-hosted infrastructure for use with mobile and commercial applications

Demonstrated experience in information

Demonstrated experience transferring, handling, and securing sensitive

Demonstrated experience developing system design

Demonstrated experience developing and briefing system designs to both technical and non-technical audiences to obtain operational and security approvals

Certifications: CompTIA Network+, CompTIA Security+, and ISC2 Certified Information Systems Security Professional (CISSP)

A candidate must be a US Citizen and requires an active/current TS/SCI with Polygraph clearance

Preferred

Demonstrated experience with customer systems, architecture, and data

Demonstrated experience providing coordination across customer's organization and business partners to expedite technology approval

Demonstrated experience with the customer's A&A process and cyber security requirements as well as experience with coordinating across the customer organization to obtain necessary approvals to achieve and maintain Authority to Operate (ATO) status

Demonstrated experience developing system design diagrams using customer provided tools

Certification: EC-Council Ethical Hacker (CEH)

Company

GCI Incorporated

GCI is an Engineering and IT Services company focusing on Data Analytics, Engineering, Cyber Operations, Targeting and Analysis, Operations Solutions and Training.

Founded in 1989