GEOST Inc.
Information Systems Security Manager (ISSM)
GEOST Inc., Tucson, Arizona, United States, 85718
Position Title: Information Systems Security Manager (ISSM)Date Reviewed: 07/12/2024Position Reports To: Director of SecurityFLSA Designation: ExemptSupervises Others: YesEEO Job Category: First/Mid-Level Officials & ManagersHome Office Location: Tucson, AZ or Chantilly, VAPay Range: $110,000 - $140,000.00Hybrid/Remote Option: NoFTE: 1.0Position SummarySince its inception in 2004, Geost has been committed to solving mission-critical space domain and ISR challenges for DOD, IC and commercial customers. Our vision is to revolutionize the space-based payload market with innovative and novel designs for space, terrestrial, and airborne environments. As we grow our operations in Tucson, AZ and Chantilly, VA, we remain dedicated to the collaborative and innovative culture that is the foundation of our business. Geost is an operating unit of LightRidge Solutions.Geost seeks a motivated, customer-oriented Information Systems Security Manager (ISSM) to join our team in Tucson, AZ or Chantilly, VA. The ISSM will oversee the operational security posture to ensure Information Systems (IS) security policies, standards, and procedures are established and followed. A successful candidate will be motivated, results-oriented, and have a willingness to learn. They should possess strong customer service, communication, and organizational skills to thrive in an environment of varied and changing demands.Duties and ResponsibilitiesServe as the Information System Security Manager (ISSM) for stand-alone and networked classified information systems with responsibilities for all Risk Management Framework (RMF) activities required to obtain and maintain the Authorization to Operate (ATO) for all systems.Develop and maintain operational security posture to ensure classified information systems (IS) security policies, standards, and procedures are established and followed.Liase with adjacent program security components as well as US government counterparts and outside contractor employees to ensure compliance with government guidelines, regulations, and company policies.Provides subject matter expertise to security leadership and senior management personnel concerning the application of best practices as well as maintain adherence to US government regulations for classified IT systems.Initiate, update, and maintain classified information system authorization information in the Enterprise Mission Assurance Support Service (eMASS). Prepare and update all artifacts and control documentation in accordance with the current version of the DCSA Assessment and Authorization Process Manual (DAAPM)Perform auditing, vulnerability/risk assessment analysis to support Assessment and Authorization (A&A).Develop and implement RMF framework and A&A processes, specifically focused on developing SSP packages for achieving ATO for FISMA system.Provide configuration management (CM) for information system security software, hardware, and firmware.Oversee changes to the system and assesses the security impact of those changes.Conduct assessment tests that include verification that the features and assurances required for each protection level are functional.Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM).Apply a full range of Information Assurance (IA) policies, principals, and techniques to maintain security integrity of information systems processing classified information.Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades.Manage a team of subordinate employees providing taskings and guidance to that team.This position requires strong customer service and communication skills to effectively interact with the various staff and sponsor representatives.Ability to support on-site work.Ability to support travel or off-site work, as needed.Perform other duties as assigned.
Required QualificationsBachelor's degree and minimum 10 years of experience.An active U.S. Government Top Secret Security Clearance. Current SSBI is preferred.Minimum five years of related information systems security experience in a security environment with demonstrated knowledge of classified IS operation.Minimum of five years of experience with ICD 503, RMF Process.Extensive DCSA and DAAPM experience and knowledge.Working knowledge of Risk Management Framework (RMF) and creating a RMF System Security Plan in the enterprise Mission Assurance Support Service (eMASS).Advanced experience working with relevant operating system security (Windows, Solaris, Linux, etc.).Prior management of a team of subordinate employees.CompTIA Advanced Security Practitioner (CASP), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) certification (IAM Level III).Security+ Certification.
Physical RequirementsA qualified candidate must be able to perform the essential functions of the position satisfactorily. If requested, reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of the position, absent undue hardship.Must be able to constantly operate a computer and other office productivity machinery for a majority of the shift.Must be able to occasionally move materials and/or equipment weighing up to 25 pounds.Must be able to complete tasks in a noisy environment.
Geost reserves the right to change or assign other duties to this position.BenefitsHired applicants may be eligible for benefits including but not limited to:Health benefitsMedicalDentalVisionBasic life with AD&DShort term disabilityLong term disabilityAncillary (Voluntary life with AD&D, accident, critical illness, hospital, and pet)Spending accounts (HSA, FSA, and DCFSA)
Paid time offHolidays401(k)Tuition reimbursementLeaves (Parental, pregnancy, and military)Potential bonus
Geost is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Geost is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, please contact
recruiting@geost.com
.Pay Transparency: The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
Required QualificationsBachelor's degree and minimum 10 years of experience.An active U.S. Government Top Secret Security Clearance. Current SSBI is preferred.Minimum five years of related information systems security experience in a security environment with demonstrated knowledge of classified IS operation.Minimum of five years of experience with ICD 503, RMF Process.Extensive DCSA and DAAPM experience and knowledge.Working knowledge of Risk Management Framework (RMF) and creating a RMF System Security Plan in the enterprise Mission Assurance Support Service (eMASS).Advanced experience working with relevant operating system security (Windows, Solaris, Linux, etc.).Prior management of a team of subordinate employees.CompTIA Advanced Security Practitioner (CASP), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) certification (IAM Level III).Security+ Certification.
Physical RequirementsA qualified candidate must be able to perform the essential functions of the position satisfactorily. If requested, reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of the position, absent undue hardship.Must be able to constantly operate a computer and other office productivity machinery for a majority of the shift.Must be able to occasionally move materials and/or equipment weighing up to 25 pounds.Must be able to complete tasks in a noisy environment.
Geost reserves the right to change or assign other duties to this position.BenefitsHired applicants may be eligible for benefits including but not limited to:Health benefitsMedicalDentalVisionBasic life with AD&DShort term disabilityLong term disabilityAncillary (Voluntary life with AD&D, accident, critical illness, hospital, and pet)Spending accounts (HSA, FSA, and DCFSA)
Paid time offHolidays401(k)Tuition reimbursementLeaves (Parental, pregnancy, and military)Potential bonus
Geost is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Geost is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, please contact
recruiting@geost.com
.Pay Transparency: The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)