SilverEdge
Information Systems Security Manager (ISSM)
SilverEdge, Mc Lean, Virginia, us, 22107
Overview
SilverEdge is a premier provider of innovative cyber, software and intelligence solutions addressing everyday challenges to meet mission goals across the DOD and Intel Communities and beyond. We are seeking a candidate to provide Information Systems Security Managment to the customer in support of a cutting edge program.
Responsibilities
Responsibilities to include but not limited too:
Manages Analysts engaged in ensuring the safety of information systems assets and protection of systems from intentional or inadvertent access or destruction.Porovide support for a program, organization, systems or enclaves. Support the Agency RMF Workflow and Processes by proposing, coordinating, implementing and enforcing information system security policies, instructions, standards, and methodologies.Coordinate with the Data Custodian, Project Owner, and ISSM to identify the types of information processed, assign the appropriate security categorizations to the information systems, determine the information security and privacy impacts, and manage information security and privacy risk. Document the controls in the information security and privacy plan (or equivalent document) to ensure implemented controls meet or exceed the minimal controls defined by CISO guidance.Maintain current system information in XACTA (e.g., POCs, artifacts) to support organizational requirements and processes (e.g., communication, contingency planning, training, data calls)Evaluate the impact of network and system changes using RMF processes.Ensure anomalies identified under the Sponsor's Information Security Continuous Monitoring activities are addressed and remediated in a manner that commensurate with the risks posed to the system from the anomalies.Submit recommendations to the stakeholders for system configuration deviations from the required baseline.Develop and maintain a system security plan (SSP)Conduct periodic reviews to ensure compliance with SSP.Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented.Ensure system recovery processes are monitored to ensure security features and procedures are properly restoredEnsure all IS security-related documentation is current and accessible to properly authorized individualsFormally notify the appropriate individuals when changes occur that might affect authorizationParticipate in governance and project reviews identified by the SponsorQualifications
Required Qualifications:
Bachelor's Degree (in an IT-related field)11+ years of relevent experienceExperience with XACTA 360, Continuum and other SCAP Compliant toolsWorking experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, and STIGsExperienced in collaboration with IT and OT teams to integrate security best practices into OT OperationProficient in establishing required assumptions, constraints, risk tolerances, and risk management strategies to ensure organizations make consistent risk management decisions for the security and safety of OT systems.
Desired Qualifications:
Certified Ethical Hacker 10 (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Systems auditor (CISA), NIST Cybersecurity Framework (NCSF), AWS Solutions Architect Associate or Professional as a cert qualification
SilverEdge is a premier provider of innovative cyber, software and intelligence solutions addressing everyday challenges to meet mission goals across the DOD and Intel Communities and beyond. We are seeking a candidate to provide Information Systems Security Managment to the customer in support of a cutting edge program.
Responsibilities
Responsibilities to include but not limited too:
Manages Analysts engaged in ensuring the safety of information systems assets and protection of systems from intentional or inadvertent access or destruction.Porovide support for a program, organization, systems or enclaves. Support the Agency RMF Workflow and Processes by proposing, coordinating, implementing and enforcing information system security policies, instructions, standards, and methodologies.Coordinate with the Data Custodian, Project Owner, and ISSM to identify the types of information processed, assign the appropriate security categorizations to the information systems, determine the information security and privacy impacts, and manage information security and privacy risk. Document the controls in the information security and privacy plan (or equivalent document) to ensure implemented controls meet or exceed the minimal controls defined by CISO guidance.Maintain current system information in XACTA (e.g., POCs, artifacts) to support organizational requirements and processes (e.g., communication, contingency planning, training, data calls)Evaluate the impact of network and system changes using RMF processes.Ensure anomalies identified under the Sponsor's Information Security Continuous Monitoring activities are addressed and remediated in a manner that commensurate with the risks posed to the system from the anomalies.Submit recommendations to the stakeholders for system configuration deviations from the required baseline.Develop and maintain a system security plan (SSP)Conduct periodic reviews to ensure compliance with SSP.Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented.Ensure system recovery processes are monitored to ensure security features and procedures are properly restoredEnsure all IS security-related documentation is current and accessible to properly authorized individualsFormally notify the appropriate individuals when changes occur that might affect authorizationParticipate in governance and project reviews identified by the SponsorQualifications
Required Qualifications:
Bachelor's Degree (in an IT-related field)11+ years of relevent experienceExperience with XACTA 360, Continuum and other SCAP Compliant toolsWorking experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, and STIGsExperienced in collaboration with IT and OT teams to integrate security best practices into OT OperationProficient in establishing required assumptions, constraints, risk tolerances, and risk management strategies to ensure organizations make consistent risk management decisions for the security and safety of OT systems.
Desired Qualifications:
Certified Ethical Hacker 10 (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Systems auditor (CISA), NIST Cybersecurity Framework (NCSF), AWS Solutions Architect Associate or Professional as a cert qualification