Information Systems Security Manager (ISSM)
- Military veterans preferred
2020-02-04 SAIC (www.saic.com)
San Diego California 92108 United States
SAIC currently has a career opportunity for an Information System Security Manager (ISSM) in San Diego, California. The Information Systems Security Manager (ISSM) will support information system life cycle activities from scoping systems for new programs and preparing Risk Management Framework packages, to reviewing regular maintenance, support and upgrades of systems during program execution, to program close-out and de-certification activities. Maintain day-to-day security posture and continuous monitoring of Information Systems (IS) including security event log review and analysis, end user account audits, etc.
· Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system. · Conduct internal vulnerability assessments of the IS to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional. · Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, SCTM). · Maintain thorough understanding of NIST 800-53 controls and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM). · Maintains awareness of upcoming customer / government driven changes and challenges and suggests approaches to meet those challenges. · Responsibilities also include those listed in DAAPM 2.0 Section 3.6 Information System Security Manager (ISSM) · Monitor system administration activities
Required Education and Experience:
· Active DoD Secret clearance. · Working knowledge of Risk Management Framework (RMF) and creating a RMF System Security Plan in the enterprise Mission Assurance Support Service (eMASS). · Experience with various information system security assessment/hardening tools - SCAP Compliance Checker, STIG Viewer, ACAS/Nessus, etc. · Able to initiate communication with SAIC management and Government agencies for support and/or compliance requirements. · Self-starter with the ability to operate independently without supervision. · Professional and effective interpersonal skills and attire along with the ability to provide face-to-face customer support are required. · More than 5 years of related information systems security experience in a security environment with demonstrated knowledge of classified IS operation. · Current/active DoD 8570.1M Professional Certification is required. Security+ certification is a minimum with the ability to obtain an IAM level II.
Desired Education and Experience:
· CompTIA Advanced Security Practitioner (CASP), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) · Advanced experience in Windows 10 and Windows Server operating systems, specifically, as it relates to implementing security controls of the Operating System