Information Systems Security Manager (ISSM)

Own Your Future.Modern Technology Solutions, Inc. (MTSI) is seeking an Information System Security Manager (ISSM) with a Top Secret Clearance in Dayton, Ohio.Responsibilities:Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures.Generate and maintain required Information System (IS) security documentation including Systems Security Plans (SSP), Information Assurance Standard Operating Procedures (IA SOP), Continuous Monitoring Plans, Security Control Traceability Matrices (SCTM), Risk Assessments, Plan of Action & Milestones (POA&M), equipment specifications, practices and procedures.Assume Information System Security Officer (ISSO) responsibilities in their absence.Maintain customer-required Information Assurance (IA) certifications.Maintain day-to-day security posture and continuous monitoring of classified Information Systems.Coordinate with customers on approval of external information systems/guest systems.Schedule, perform and maintain records of required IS auditing, patching, maintenance, software/hardware changes, and scanning based on evolving threat/vulnerabilities and customer compliance requirements.Develop and conduct test procedures for verification of Authorization and Accreditation (A&A) and/or Risk Management Framework (RMF) safeguards to meet customer requirements based upon JSIG, ICD 705, NIST 800-53, NIST 800-53a, NIST 800-171 & CNSSI 1253.Evaluate threats and vulnerabilities to determine the need for supplementary safeguards (e.g. architecture, firewall, data flow, network access, etc.).Employ customer-approved procedures for sanitizing and releasing system components and media.Ensure all IS security-related documentation is current and accessible to properly authorized individuals.Conduct periodic reviews to ensure compliance with SSP.Be knowledgeable of and comprehend customer Security Classification Guides (SCG) to determine classified system requirements.Enforce Configuration Management (CM) policies and procedures for authorizing the use of hardware/software on an IS.Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented.Assess proposed changes to customer information systems, their environment of operation, and mission needs that could affect system authorization.Maintain a working knowledge of IS functions, security policies, technical security safeguards, and operational security measures.Coordinate with Program Security Officer (PSO), Contractor Program Security Officer (CPSO) and/or Government SAP Security Officer (GSSO) to define, implement and maintain information security policies, strategies, and procedures.Implement policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents.Formally notify the appropriate individuals when changes occur that might affect accreditation.Ensure the development, documentation, and presentation of classified IS security education, awareness, and training activities.Provide mentoring and leadership to supporting ISSOs.Familiarity with enterprise-level networks and Information Systems.Knowledge of DevSecOps policies and procedures including Continuous Integration / Continuous Development (CI/CD) pipelines.Qualifications:Bachelor’s degree in Computer Science, Information Assurance, Information Security or related field. Desired Master's degree in Computer Science, IT Management, Cybersecurity or Information Assurance.Six (6) years of experience working in an IA-related field.Four (4) years of additional experience may be substituted for a bachelor’s degree.CompTIA Security+ Certification.(ISC)2 CAP - Certified Authorization Professional Certification.Desired: (ISC)2 CISSP - Certified Information Systems Security Professional Certification.Experience with A&A documentation and system authorization artifacts for Special Access Program (SAP) and Secure Compartmentalized Information (SCI) systems.Knowledge of federal security requirements and mandates (e.g., RMF, Federal Information Processing Standards (FIPS), National Standards of Information Technology (NIST)).Experience with security architectures, firewalls and network access.Experience with risk managed downloads / Assured File Transfers (AFTs), IS sanitization and destruction, PEDs, contaminations, incident response, virus scanning, privileged user access, and hardware/software configuration management.Excellent oral and written communication skills.Strong customer service skills; being able to work with personnel across multiple disciplines of the organization.Strong organizational skills and ability to manage multiple tasks concurrently.Excellent time management, scheduling, and organizational skills.Ability to work well independently as well as follow detailed instructions for completing tasks.Working knowledge of development tools such as GitLab, Artifactory, JIRA & Sonarqube.Must possess an active Top Secret security clearance. Duties will require unescorted entry and work within classified SAP and SCI facilities. 100% onsite in the customer’s facilities.Desired to have 12 months or more of experience in a SAP environment within the last 5 years.Please Note: U.S. Citizenship is required for this position, due to contract requirements.ADDITIONAL NOTES• Travel: Position requires up to 10% travel to CONUS areas.

#J-18808-Ljbffr