Geost, LLC

Information Systems Security Manager (ISSM)

Geost, LLC, Tucson, Arizona, United States, 85718


Position Title:

Information Systems Security Manager (ISSM)

Date Reviewed:

07/12/2024

Position Reports To:

Director of Security

FLSA Designation:

Exempt

Supervises Others:

Yes

EEO Job Category:

First/Mid-Level Officials & Managers

Home Office Location:

Tucson, AZ or Chantilly, VA

Pay Range:

$110,000 - $140,000

Hybrid/Remote Option:

No

FTE:

1.0

Position Summary

Geost seeks a motivated, customer-oriented Information Systems Security Manager (ISSM) to join our team in Tucson, AZ or Chantilly, VA. The ISSM will oversee the operational security posture to ensure Information Systems (IS) security policies, standards, and procedures are established and followed. A successful candidate will be motivated, results-oriented, and have a willingness to learn. They should possess strong customer service, communication, and organizational skills to thrive in an environment of varied and changing demands.

Duties and Responsibilities

Serve as the Information System Security Manager (ISSM) for stand-alone and networked classified information systems with responsibilities for all Risk Management Framework (RMF) activities required to obtain and maintain the Authorization to Operate (ATO) for all systems.

Develop and maintain operational security posture to ensure classified information systems (IS) security policies, standards, and procedures are established and followed.

Liaise with adjacent program security components as well as US government counterparts and outside contractor employees to ensure compliance with government guidelines, regulations, and company policies.

Provide subject matter expertise to security leadership and senior management personnel concerning the application of best practices, and maintain adherence to US government regulations for classified IT systems.

Initiate, update, and maintain classified information system authorization information in the Enterprise Mission Assurance Support Service (eMASS). Prepare and update all artifacts and control documentation in accordance with the current version of the DCSA Assessment and Authorization Process Manual (DAAPM).

Perform auditing and vulnerability/risk assessment analysis to support Assessment and Authorization (A&A).

Develop and implement RMF and A&A processes, specifically focused on developing SSP packages for achieving ATO for FISMA systems.

Provide configuration management (CM) for information system security software, hardware, and firmware.

Oversee changes to the system and assess the security impact of those changes.

Conduct assessment tests that include verification that the features and assurances required for each protection level are functional.

Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM).

Apply a full range of Information Assurance (IA) policies, principles, and techniques to maintain security integrity of information systems processing classified information.

Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades.

Manage a team of subordinate employees providing taskings and guidance to that team.

This position requires strong customer service and communication skills to effectively interact with the various staff and sponsor representatives.

Ability to support on-site work.

Ability to support travel or off-site work, as needed.

Perform other duties as assigned.

Required Qualifications

Bachelor's degree and minimum 10 years of experience.

An active U.S. Government Top Secret Security Clearance. Current SSBI is preferred.

Minimum five years of related information systems security experience in a security environment with demonstrated knowledge of classified IS operation.

Minimum of five years of experience with ICD 503, RMF Process.

Extensive DCSA and DAAPM experience and knowledge.

Working knowledge of the Risk Management Framework (RMF) and creating an RMF System Security Plan in the Enterprise Mission Assurance Support Service (eMASS).

Advanced experience working with relevant operating system security (Windows, Solaris, Linux, etc.).

Prior management of a team of subordinate employees.

CompTIA Advanced Security Practitioner (CASP), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) certification (IAM Level III).

Security+ Certification.

Physical Requirements

Must be able to constantly operate a computer and other office productivity machinery for a majority of the shift.

Must be able to occasionally move materials and/or equipment weighing up to 25 pounds.

Must be able to complete tasks in a noisy environment.

Geost reserves the right to change or assign other duties to this position.

Benefits

Hired applicants may be eligible for benefits including but not limited to:

Health benefits

Paid time off

Holidays

401(k)

Tuition reimbursement

Leaves (Parental, pregnancy, and military)

Potential bonus
