MindPoint Group
Information System Security Manager (ISSM)
MindPoint Group, Arlington, Virginia, United States, 22201
Information System Security Manager (ISSM)
Department: IS&P
Location: Arlington, VA
MindPoint Group is searching for an Information System Security Manager (ISSM) to support a law enforcement customer in Arlington, VA. The ISSM shall perform daily tasks involving system compliance validation, vulnerability management response coordination, data transfer (Low to High and High to Low), and ongoing audit review and correlation, as well as general support to ongoing continuous monitoring activities. The ISSM's primary function will be to provide oversight for a team of information system security officers for the organization-s overall cybersecurity strategy. The ISSM supports the implementation of robust cybersecurity measures that proactively identify and mitigate cyber threats. This exciting role requires an appetite for learning, superior attention to detail, the ability to meet tight deadlines, great organizational skills, and the ability to work in a highly collaborative environment.
Responsibilities:
Ensure that information system security requirements are addressed during all phases of an information system security lifecycle.
Assist with the creation of operational Operations and Maintenance (O&M) checklists to maintain the service (daily, weekly, monthly, and yearly O&M checklists); build Tactics, Techniques, and Processes (TTPs) and Standard Operating Processes (SOPs) associated with service checklists.
Develop and continuously update all Security Authorization documentation as required by the customer and applicable Risk Management Framework (RMF) packages using the current approved templates, forms, regulations, and methods. These documents include, but are not limited to SSP, SAR, Contingency Plan, IR Plan, CM Plan, SOPs, POAMs & Remediation Plans.
Assist ISSM/ISSO/ISSE with the Integration/Development of new techniques to improve Confidentiality, Integrity, and Availability for networks/systems operating at various classification levels.
Ensure that security improvement actions are evaluated, validated, and implemented as required.
Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals.
Identify information technology (IT) security program implications of new technologies or technology upgrades.
Participate in an information security risk assessment during the Security Assessment and Authorization process.
Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
Recognize a possible security violation and take appropriate action to report the incident, as required.
Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
Support the development of policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
Able to perform self-sustaining and work with little to no oversight.
Assist in analyzing technical risk, upon request, of emerging cybersecurity tools and processes.
Required:
At least 16 years of documented experience and/or education in IT or Cybersecurity
Masters degree in Information Systems, cybersecurity, Network Systems Technology, or related field
Experience with Authority to Operate (ATO) process, continuous monitoring, POA&Ms, Security Authorizations (SA), NIST 800-37, NIST 800-53 Rev4/ Rev5, NSM 8 and working with System Owners (SO)
Familiarity with information system security principles of NIST 800-171
In-depth knowledge of NIST special publications, CNSS policies and instructions
Ability to review, analyze, and interpret technical procedures against customer security requirements
Strong communication skills, both written and verbal
Certifications:
Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level III within 6 months of the date of hire
Clearance:
Secret Clearance Required
Location: Hybrid role with 2-3 days a week expected onsite in Arlington, Virginia
Additional Information:
All your information will be kept confidential according to EEO guidelines.
Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, maternity/paternity leave, pre-tax commuter benefits, the opportunity to participate in our mentorship program, and more!
MindPoint is committed to maintaining a diverse environment. All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.
Job applicants that are interested in one of our openings and may require a reasonable accommodation to participate in the job application or interview process, should contact us to request an accommodation.
Are you interested in a posted job opportunity but may not check all of the -boxes- for desired qualifications? If so, we encourage you to apply! Our commitment to sustain and champion an inclusive and dynamic community of employees is a high priority!
Text code ISSM to 202-915-6712 to apply!
Department: IS&P
Location: Arlington, VA
MindPoint Group is searching for an Information System Security Manager (ISSM) to support a law enforcement customer in Arlington, VA. The ISSM shall perform daily tasks involving system compliance validation, vulnerability management response coordination, data transfer (Low to High and High to Low), and ongoing audit review and correlation, as well as general support to ongoing continuous monitoring activities. The ISSM's primary function will be to provide oversight for a team of information system security officers for the organization-s overall cybersecurity strategy. The ISSM supports the implementation of robust cybersecurity measures that proactively identify and mitigate cyber threats. This exciting role requires an appetite for learning, superior attention to detail, the ability to meet tight deadlines, great organizational skills, and the ability to work in a highly collaborative environment.
Responsibilities:
Ensure that information system security requirements are addressed during all phases of an information system security lifecycle.
Assist with the creation of operational Operations and Maintenance (O&M) checklists to maintain the service (daily, weekly, monthly, and yearly O&M checklists); build Tactics, Techniques, and Processes (TTPs) and Standard Operating Processes (SOPs) associated with service checklists.
Develop and continuously update all Security Authorization documentation as required by the customer and applicable Risk Management Framework (RMF) packages using the current approved templates, forms, regulations, and methods. These documents include, but are not limited to SSP, SAR, Contingency Plan, IR Plan, CM Plan, SOPs, POAMs & Remediation Plans.
Assist ISSM/ISSO/ISSE with the Integration/Development of new techniques to improve Confidentiality, Integrity, and Availability for networks/systems operating at various classification levels.
Ensure that security improvement actions are evaluated, validated, and implemented as required.
Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals.
Identify information technology (IT) security program implications of new technologies or technology upgrades.
Participate in an information security risk assessment during the Security Assessment and Authorization process.
Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
Recognize a possible security violation and take appropriate action to report the incident, as required.
Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
Support the development of policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
Able to perform self-sustaining and work with little to no oversight.
Assist in analyzing technical risk, upon request, of emerging cybersecurity tools and processes.
Required:
At least 16 years of documented experience and/or education in IT or Cybersecurity
Masters degree in Information Systems, cybersecurity, Network Systems Technology, or related field
Experience with Authority to Operate (ATO) process, continuous monitoring, POA&Ms, Security Authorizations (SA), NIST 800-37, NIST 800-53 Rev4/ Rev5, NSM 8 and working with System Owners (SO)
Familiarity with information system security principles of NIST 800-171
In-depth knowledge of NIST special publications, CNSS policies and instructions
Ability to review, analyze, and interpret technical procedures against customer security requirements
Strong communication skills, both written and verbal
Certifications:
Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level III within 6 months of the date of hire
Clearance:
Secret Clearance Required
Location: Hybrid role with 2-3 days a week expected onsite in Arlington, Virginia
Additional Information:
All your information will be kept confidential according to EEO guidelines.
Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, maternity/paternity leave, pre-tax commuter benefits, the opportunity to participate in our mentorship program, and more!
MindPoint is committed to maintaining a diverse environment. All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.
Job applicants that are interested in one of our openings and may require a reasonable accommodation to participate in the job application or interview process, should contact us to request an accommodation.
Are you interested in a posted job opportunity but may not check all of the -boxes- for desired qualifications? If so, we encourage you to apply! Our commitment to sustain and champion an inclusive and dynamic community of employees is a high priority!
Text code ISSM to 202-915-6712 to apply!