Information System Security Manager (ISSM)
Location: King Of Prussia
Posted on: September 16, 2018
Description:
The Advanced Solutions Group (ASG) at Leidos currently has an opening for an Information System Security Manager (ISSM) to work in our King of Prussia, PA office. This is an exciting opportunity to apply your experience in support of multiple contract missions. The candidate will perform Information System Security Manager (ISSM) duties, including establishing and documenting standard security procedures in accordance with the NIST RMF, NISPOM/DAAPM and JSIG requirements. The ISSM will:
- Coordinate with business area managers and professional staff on system security compliance.
- Be responsible for maintaining RMF Information System ATOs.
- Conduct periodic reviews to ensure compliance with established policies and procedures.
- Ensure all software, hardware and firmware changes are recorded as required by established configuration management procedures.
- Ensure implementation of security features for the detection of malicious code, viruses, and intruders (hackers), as appropriate.
- Ensure systems are operated, maintained and disposed of in accordance with applicable governing policies and procedures.
- Assist in performing IS security briefings to authorized individuals prior to users gaining access to classified information systems.
- Report all security incidents to appropriate management and security personnel.
- Investigate, document and report such incidents, and provide protective and corrective measures in response to them.
The position also includes Contractor Program Security Officer (CPSO) responsibilities, including analysis of complex Special Access Program (SAP) security requirements concerning physical security, personnel security, document control, classification management, badging, visits, security awareness and operations support. The CPSO should be capable of working independently as well as with a team of analysts trained in operations research, mathematics, and other skills.
Roles and Responsibilities:
- Ensure system support needs are met for certification & accreditation, system implementation, operation & maintenance, and IA compliance.
- Engineer, implement, and enforce technical and administrative security measures and processes to ensure all systems achieve and maintain government compliance with directives outlined in the JAFAN 6/3, JSIG, ICD 503, DODIIS, NIST RMF and NISPOM / DAAPM.
- Responsible for maintaining System Security Plans (SSP) and all documentation associated with Federal Information System Management Act
- Assist with providing security solutions to optimize performance and ensure security measures are optimized.
- Install, configure and maintain network equipment such as switches, end point protection, patches, firewalls and intrusion detection systems
- Support the Information Systems Certification and Accreditation process as needed.
- Responsible for implementing and maintaining security policies and procedures
- Responsible for ensuring proper protection or corrective measures have been taken when an incident or vulnerability has been discovered.
- Responsible for responding to security incidents and for investigating and reporting security violations and incidents, as appropriate.
- Assist with maintaining the information security education program, including leading training as required.
- Develop and implement security practices and procedures.
- Work closely with Facilities personnel and maintain oversight of construction of Special Access Program Facilities (SAPFs) and DoD Closed Areas to ensure security safeguards are appropriately applied
- Provide security recommendations and guidance for new and renovated facilities/closed areas.
- Perform security surveys to determine if facilities meet requirements for accreditation (post-construction)
- Write physical security process and procedure documents for SAPFs and DoD Closed Areas.
- Complete personnel security actions including reviewing and processing program access requests, and visit requests.
- Lead security education activities.
- Investigate and remediate security incidents.
- Ability to work as a team.
Qualifications:
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
- Bachelor's degree and 12+ years related experience in Information Systems, Computer Science or related field. Additional relevant experience, training, and / or certification may be considered in lieu of degree.
- Strong experience with Information Security, supporting processes and procedures.
- Strong writing and verbal communications skills.
- Candidates must have an active Top Secret clearance with current SCI or SCI eligibility.
- Security+ certification must be obtained within 6 months of hire.
Candidates with these desired skills will be given preferential consideration:
- Highly desired are security certifications, including a CISSP or CISM.
- Additional desired certifications include CCNA, CCSP, MCSE, and/or SANS GIAC.
- Experience with Windows and Linux Administration.
- CISSP Certification