PMAT
Information Systems Security Manager
PMAT, San Diego, California, United States, 92189
About Us
PMAT is a non-traditional small business founded with the passion and ideas to deliver dynamic data solutions from exceptional people that increase the capability of the mission. We focus on designing and building impactful digital solutions that utilize modern cloud, data, and software concepts. We love working on complex and dynamic challenges such as edge platform computing, containerizing legacy platforms, distributed data platforms, or heterogeneous data analysis. We want to attract, retain and foster a company where motivation abounds to explore passions, investigate new ways of doing things, and where embodying a pioneering and entrepreneurial spirit is welcome. We believe in being ever curious about every element of a problem experimenting relentlessly. We look to foster a continuous learning behavior with a foundation of psychological safety to continue pushing the boundaries of our capabilities. We want to tap into collective intelligence, acknowledging that the smartest people may not be in the room. Above all else, we believe that delivering and showing something real is more powerful than a sheet of paper. We are passionate about mission-centric design delivering effective capabilities to and for the warfighter.
SUMMARY OF POSITION
The Sr. Information Systems Security Manager (ISSM) is responsible for the security of the information systems at the facility and certifies to DCSA that all security requirements and controls are in place and the system is properly configured, protected, and maintained. This ISSM will participate in technical research and development to enable continuing innovation within the cyberinfrastructure. The ISSM will also ensure that system hardware, operating systems, software systems, and related procedures adhere to organizational values.
ESSENTIAL FUNCTIONS
Manages and oversees the compliance and policy aspects for the company regarding information Assurance for systems and networks that contact government information.
Familiar with Defense Counterintelligence & Security Agency (DCSA) Risk management framework (RMF), eMASS, and Security Technical Implementation Guides (STIGs)
Work closely with the Facility Security Officer (FSO) and corporate leadership to ensure cyber and physical security standards are met.
Serve as Information Systems Security Manager (ISSM) for classified computers in DoD and Intelligence Community computing environments.
Oversees day-to-day security posture and continuous monitoring of IS, including security event log review and analysis.
Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
Maintain a thorough understanding of NIST 800-53 controls, and determine which controls apply to the application and document implementation in certification Assistant (CA).
Reviews and performs technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
Monitors and resolves Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.
Work with FSO on reviews and maintenance of security assessment and authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, CA)
Work with FSO on preparation and maintenance of Cyber/IT security.
Other Functions
Support and maintain client asset management, including inventory, updates, repairs, and replacements.
Support backend client services, including antivirus, user access, and network administration.
Support client/server software applications in support of business processes. Trains end users as required on system changes.
Collaborates with Cyber and IT teams to support the execution of application changes, ensuring compliance and quality standards are part of the deployment.
Supports third-party applications that integrate with client/server software applications. (Microsoft Office GCC High, AWS, Connectwise, etc.)
Adhere to strict Information Systems security guidelines in all cases.
Proactively anticipates and meets customer needs. Must be a self-starter with a high sense of accountability.
Collaborates throughout the organization, seen as a trusted business partner in accomplishing work.
Work independently and professionally to ensure the IT team is meeting business expectations.
REQUIRED SKILLS, EDUCATION & EXPERIENCE
Any combination of education and experience providing the required skill and knowledge for successful job performance will be considered. Typical qualifications would be:
Must have previous ISSO or ISSM experience, preferably 2+ years
Must have excellent writing skills (email communication, procedure writing, etc.)
Must be familiar with classified computing environments in ICD-705, DoDIs 8500.01 & 8510.01, NIST SP 800-53, and Risk Management Framework (RMF); eMASS, NISPOM, DCSA, etc.
Must have a DoD 8570.01 Certification of IAT Level II Security+ CE, IAM Level II CISSP, or equivalent
This position must meet Export Control Compliance requirements; therefore, a "US Person" as defined by 22. C.F.R. is required.
PREFERRED QUALIFICATIONS
Bachelor’s degree preferred.
Technical certification preferred: Microsoft, Cisco, CompTIA CE, CISSP
3-5 years of experience in a desk-side support role serving end users.
3-5 years of experience supporting Windows 10 desktop operating systems.
3-5 years of experience supporting Microsoft Office applications. Office 2016, 2019, etc., years of experience using desktop imaging tools. (Windows Deployment Services, Acronis)
3-5 years of experience supporting enterprise Anti-Virus/Anti-Malware tools. (Agent Based tools, etc.)
3-5 years of experience supporting users with remote management tools.
3-5 years of experience supporting mobile devices. Apple/Android
3-5 years of experience supporting peripheral devices, including wireless peripherals. Barcode scanners, printers, etc.
Experience supporting Microsoft GCC High is a plus.
Experience securing systems using NIST RMF framework (eMASS) and Security Technical Implementation Guides (STIGs) standards
Clearance
Must be a US Citizen and have held a DoD security clearance in the past 2 years and be able to attain and maintain an active Top Secret clearance. Active DOD security clearance preferred.
TRAVEL
May be required to travel to other areas dependent on contractual needs.
WORKING CONDITIONS
Working conditions described here are representative of those that may be experienced by an employee on a daily basis while performing the functions of this job.
Typically sits for extended periods at a computer workstation
May access and work in the closed areas of equipment
While performing the duties of this job, the employee may be exposed to moving mechanical parts, fumes, and airborne particles
The employee may be exposed to vibration
The employee is occasionally exposed to caustic chemicals. The noise level in the work environment is usually moderate
May be required to travel to other site locations during the workday
May be required to work weekends to meet department and business demands
Knows that safety shoes are recommended in the closed area
PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.
Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.
Must be able to sit, climb, balance, stoop, kneel, crouch, or crawl.
Must be able to see, talk, hear, touch, feel and reach with hands and arms.
Must be able to frequently walk & stand for short periods of time
Must be able to lift and move up to 35 pounds, occasionally lift and move objects up to50lbs.
PMAT is an equal-opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.
#CJ
#J-18808-Ljbffr
PMAT is a non-traditional small business founded with the passion and ideas to deliver dynamic data solutions from exceptional people that increase the capability of the mission. We focus on designing and building impactful digital solutions that utilize modern cloud, data, and software concepts. We love working on complex and dynamic challenges such as edge platform computing, containerizing legacy platforms, distributed data platforms, or heterogeneous data analysis. We want to attract, retain and foster a company where motivation abounds to explore passions, investigate new ways of doing things, and where embodying a pioneering and entrepreneurial spirit is welcome. We believe in being ever curious about every element of a problem experimenting relentlessly. We look to foster a continuous learning behavior with a foundation of psychological safety to continue pushing the boundaries of our capabilities. We want to tap into collective intelligence, acknowledging that the smartest people may not be in the room. Above all else, we believe that delivering and showing something real is more powerful than a sheet of paper. We are passionate about mission-centric design delivering effective capabilities to and for the warfighter.
SUMMARY OF POSITION
The Sr. Information Systems Security Manager (ISSM) is responsible for the security of the information systems at the facility and certifies to DCSA that all security requirements and controls are in place and the system is properly configured, protected, and maintained. This ISSM will participate in technical research and development to enable continuing innovation within the cyberinfrastructure. The ISSM will also ensure that system hardware, operating systems, software systems, and related procedures adhere to organizational values.
ESSENTIAL FUNCTIONS
Manages and oversees the compliance and policy aspects for the company regarding information Assurance for systems and networks that contact government information.
Familiar with Defense Counterintelligence & Security Agency (DCSA) Risk management framework (RMF), eMASS, and Security Technical Implementation Guides (STIGs)
Work closely with the Facility Security Officer (FSO) and corporate leadership to ensure cyber and physical security standards are met.
Serve as Information Systems Security Manager (ISSM) for classified computers in DoD and Intelligence Community computing environments.
Oversees day-to-day security posture and continuous monitoring of IS, including security event log review and analysis.
Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
Maintain a thorough understanding of NIST 800-53 controls, and determine which controls apply to the application and document implementation in certification Assistant (CA).
Reviews and performs technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
Monitors and resolves Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.
Work with FSO on reviews and maintenance of security assessment and authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, CA)
Work with FSO on preparation and maintenance of Cyber/IT security.
Other Functions
Support and maintain client asset management, including inventory, updates, repairs, and replacements.
Support backend client services, including antivirus, user access, and network administration.
Support client/server software applications in support of business processes. Trains end users as required on system changes.
Collaborates with Cyber and IT teams to support the execution of application changes, ensuring compliance and quality standards are part of the deployment.
Supports third-party applications that integrate with client/server software applications. (Microsoft Office GCC High, AWS, Connectwise, etc.)
Adhere to strict Information Systems security guidelines in all cases.
Proactively anticipates and meets customer needs. Must be a self-starter with a high sense of accountability.
Collaborates throughout the organization, seen as a trusted business partner in accomplishing work.
Work independently and professionally to ensure the IT team is meeting business expectations.
REQUIRED SKILLS, EDUCATION & EXPERIENCE
Any combination of education and experience providing the required skill and knowledge for successful job performance will be considered. Typical qualifications would be:
Must have previous ISSO or ISSM experience, preferably 2+ years
Must have excellent writing skills (email communication, procedure writing, etc.)
Must be familiar with classified computing environments in ICD-705, DoDIs 8500.01 & 8510.01, NIST SP 800-53, and Risk Management Framework (RMF); eMASS, NISPOM, DCSA, etc.
Must have a DoD 8570.01 Certification of IAT Level II Security+ CE, IAM Level II CISSP, or equivalent
This position must meet Export Control Compliance requirements; therefore, a "US Person" as defined by 22. C.F.R. is required.
PREFERRED QUALIFICATIONS
Bachelor’s degree preferred.
Technical certification preferred: Microsoft, Cisco, CompTIA CE, CISSP
3-5 years of experience in a desk-side support role serving end users.
3-5 years of experience supporting Windows 10 desktop operating systems.
3-5 years of experience supporting Microsoft Office applications. Office 2016, 2019, etc., years of experience using desktop imaging tools. (Windows Deployment Services, Acronis)
3-5 years of experience supporting enterprise Anti-Virus/Anti-Malware tools. (Agent Based tools, etc.)
3-5 years of experience supporting users with remote management tools.
3-5 years of experience supporting mobile devices. Apple/Android
3-5 years of experience supporting peripheral devices, including wireless peripherals. Barcode scanners, printers, etc.
Experience supporting Microsoft GCC High is a plus.
Experience securing systems using NIST RMF framework (eMASS) and Security Technical Implementation Guides (STIGs) standards
Clearance
Must be a US Citizen and have held a DoD security clearance in the past 2 years and be able to attain and maintain an active Top Secret clearance. Active DOD security clearance preferred.
TRAVEL
May be required to travel to other areas dependent on contractual needs.
WORKING CONDITIONS
Working conditions described here are representative of those that may be experienced by an employee on a daily basis while performing the functions of this job.
Typically sits for extended periods at a computer workstation
May access and work in the closed areas of equipment
While performing the duties of this job, the employee may be exposed to moving mechanical parts, fumes, and airborne particles
The employee may be exposed to vibration
The employee is occasionally exposed to caustic chemicals. The noise level in the work environment is usually moderate
May be required to travel to other site locations during the workday
May be required to work weekends to meet department and business demands
Knows that safety shoes are recommended in the closed area
PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.
Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.
Must be able to sit, climb, balance, stoop, kneel, crouch, or crawl.
Must be able to see, talk, hear, touch, feel and reach with hands and arms.
Must be able to frequently walk & stand for short periods of time
Must be able to lift and move up to 35 pounds, occasionally lift and move objects up to50lbs.
PMAT is an equal-opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.
#CJ
#J-18808-Ljbffr