Information System Security Manager (ISSM)

Description Applied Research Associates (ARA), Inc. has an immediate need for an experienced IT Professional to serve as an Information System Security Manager (ISSM) for ARA's Integrated Missions Systems (IMS) located in Raleigh, NC. The candidate designated as ARA's ISSM will support multiple programs applying Information System (IS) security principles, practices, and procedures under Risk Management Framework (RMF) to maintain compliance with appliable security regulations, such as NIST, CNSSI, and 32 CFR Part 117 (NISPOM), DAAPM, ICD 705, and JSIG governing the development and management of classified information systems. ISSM will be responsible for managing the ISSO and ISSE teams by providing guidance and support pertaining to day-to-day operations. For this position, ARA will only consider applicants with an active SECRET Security Clearance or higher. Position is not eligible for remote work schedule. What you'll do as an Information Systems Security Manager (ISSM): Develop, maintain and overseeing the system security program and policies implemented across multiple connected and disconnected information systems. Coordinate, review, validate, and approve all activities, which contribute to the Assessment and Authorization (A&A) of automated information systems. Collaborate with Project Managers (PMs) or Information System Owners (ISO) in maintaining current authorization to operate, and approval to connect for all systems and networks, and in implementing corrective actions identified in the plan of action and milestones. Develop policy, guidance, and establish implementation and oversight plans to ensure compliance with Risk Management requirements. Develop and maintain a comprehensive System-level Continuous Monitoring (SLCM) strategy and monitor any proposed or actual changes to the system and its environment. Conduct recurring Cybersecurity reviews on information systems in accordance with DoD RMF practices, DCSA Assessment and Authorization Process Manual (DAAPM), NIST 800-53 Special Publications, customer directives, and company policies as applicable. Execute the security testing and evaluation to ensure the correct implementation of security requirements. Manage various government security reviews. Supervise and provide guidance and technical training to ISSOs, ISSEs within the IMS Cybersecurity Services team. Performs other duties as assigned. Information Systems Security Manager (ISSM) Position Requirements: 6-8 years of previous experience as an ISSM or ISSO is required. Bachelor's degree with 8-10 years of experience, Master's with 6-8 years of experience or equivalent professional experience (at least 14 years) will be considered for talented candidates without a degree. Must possess, at a minimum, an active Secret clearance. Experience with security assessment/hardening tools, i.e., STIGs, SCAP, ACAS, etc. Experience with the 32 CFR Part 117, National Industrial Security Program Operating Manual (NISPOM), DCSA Assessment and Authorization Process Manual (DAAPM), Department of Defense (DoD) regulations, Intelligence Community Directives (ICDs) and Security Technical Implementation Guides (STIGs). Experience managing system packages within DoD's Enterprise Mission Assurance Support Service (eMASS) systems. Possess strong understanding of computer operating systems (Windows and Linux), software and computer hardware. Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities. Possess DoD Approved Baseline Certification as Information Assurance Manager Level I or IATT Level III in accordance with DoD 8570.01-M or have the ability to get one within 3 months of hire (CISM, CISSP or other). Must be able to initiate communication with senior management and various government agencies for support and/or compliance requirements. Ability to lift and move computer equipment including workstations, servers, printers, scanners, monitors, etc. Information Systems Security Manager (ISSM) Position Preferences: Highest degree of personal and professional integrity and ethics. Strong organizational and administrative skills. Proficient with Microsoft Word, Excel, PowerPoint, and Outlook. Experience with the 32 CFR Part 117, National Industrial Security Program Operating Manual (NISPOM), Department of Defense Directives 5200.01, volumes 1-4, and Intelligence Community Directive 705. Proficient in IA Security specifications such as Risk Management Framework (RMF) and NIST SP 800-53. Trained and proficient in Assured File Transfer (AFT) procedures. Who is ARA? Do you want to work for a purpose? Applied Research Associates, Inc. (aka ARA) is an employee-owned international research and engineering company. We have been providing technically superior solutions to complex and challenging problems in the physical sciences since 1979. ARA has over 2,0771 employee owners and continues to grow rapidly. Together, our offices throughout the U.S. and Canada provide a broad range of technical expertise in defense, civil, and health technologies, computer software and simulation, systems analysis, environmental technologies, and testing and measurement. ARA also prides itself, on having a challenging culture where innovation & experimentation are the norm. The motto, 'Engineering and Science for Fun and Profit' sums up the ARA experience. Employee ownership ensures you have a voice with what happens in the company. We are also very proud of our Women's Initiative Network (WIN), whose purpose is to motivate, support, and encourage professional career development for women to maximize career and professional accomplishments. To find out more about what the Integrated Mission Systems Sector has to offer, visit our website at To learn more about our generous benefits program including health, life & disability, retirement, flexible spending, rewards & recognition, work/life balance, professional development and relocation visit Qualifications Education Preferred Bachelors or better Licenses & Certifications Preferred Comp TIA Security+ Cert Info Sys Secur Prof Experience Required 8-10 years: Relevant Experience Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)