Cybersecurity – Senior Information System Security Manager – ISSM

Company: The Boeing Company
Location: Reston, VA, USA
Salary: $147,900 – $200,100
Type: Full-Time
Degrees
Experience Level: Senior

Requirements

  • Successfully completed a Tier 5 Investigation (T5), formerly known as a Single Scope Background Investigation (SSBI), by the federal government within the last 5 years, or enrollment in a Continuous Vetting program within the last 5 years
  • Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC, or CISM)
  • 5+ years of experience in cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series
  • Ability to obtain a Counter-Intelligence Polygraph

Responsibilities

  • Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted Boeing, industry, and government standards
  • Manage, develop, and conduct assessment procedures for verification of Risk Management Framework (RMF) and Assessment and Authorization (A&A) safeguards to meet regulatory requirements based on upcoming NISPOM/DAAPM, RMF, JSIG, ICD-503, and NIST 800 series (800-53, 800-171, etc.) guidelines for new and existing information systems
  • Author, provide oversight, and ensure timely delivery of RMF package artifacts to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Action & Milestones (POA&M), Continuous Monitoring (CONMON), Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acknowledgement Letters (RAL), etc.
  • Coordinate configuration management of assigned systems; audit systems to ensure security posture integrity
  • Review audit data for anomalous or unauthorized activity
  • Conduct cybersecurity training, briefings, and presentations to multiple levels of business
  • Lead staff with assessments and test/analysis data to document state of compliance with security requirements
  • Conduct risk assessments and investigations, implement appropriate risk mitigations, and lead all aspects of incident response activities
  • Conduct periodic hardware/software inventory assessments
  • Serve as organization spokesperson on sophisticated projects and programs
  • Act as advisor to management and customers on sophisticated technical research studies
  • Collaborate with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements

Preferred Qualifications

  • 5+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs
  • 5+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
  • 5+ years of experience assessing and documenting test or analysis data to show cyber security compliance
  • Active Counter-Intelligence Polygraph