Information System Security Manager (ISSM)
USA, Niceville, 360 West John Sims Parkway, Florida
KBR, Inc.
Title: Information System Security Manager (ISSM)
The selected applicant will provide cybersecurity and Risk Management Framework (RMF) support to systems and applications for the Test Resource Management Center (TRMC). The applicant will work with military, government, and contractor personnel to provide technical and policy direction grounded in Department of Defense (DoD) policy, and act as the Subject Matter Expert (SME) with the cybersecurity domain and lead ISSOs. The applicant will, at times, be the liaison between end users, application developers, and senior leadership within the DoD and across the Test and Evaluation community.
Applicant's duties include:
- Deliver documentation to include: Executive level briefings, Assessments, Self-Assessments, RMF packages, and supporting RMF documentation
- Review cybersecurity tool reports (ACAS, HBSS) for the purposes of reporting and compliance
- Software Certification package development
- Work directly with the TRMC SISO on all TRMC RMF packages and ATO Status updates
- Support security engineering projects and solution delivery.
- Lead security audit and compliance activities for each system the applicant is responsible for
- Responsible for auditing all artifacts provided in each RMF package to determine system readiness for ATO packet submissions.
- Provide recommendations to the SISO, PM, and AO regarding remediation and mitigation of identified vulnerabilities on test reports and plan of action and milestones (POA&Ms).
- Monitor system status updates and report to senior leadership.
- Includes monthly executive reports, vulnerability reports, JFHQ DODIN reporting and briefing.
- Monthly executive briefing to SISO, PM on security metrics
- Interface with PMs and SISO on issues needing input/concurrence
- Draft and present RMF deliverables to senior leadership
- Attending Executive Program Reviews as the ISSM
- Work with outside agencies on Memorandums of Understanding / Interconnection Service Agreements and other senior-level agreements
- Work directly with a distributed team to reduce travel
- Travel 25% of time
Basic Qualifications:
- *U.S. Citizenship and Top Secret / SSBI clearance required*
- A minimum of 2 years of Information Technology, Information Assurance, or Cyber Security engineering experience.
- A minimum of 2 years of experience in conducting security assessments by reviewing security controls with the ISSO/ISSM and guiding programs through the RMF process.
- Bachelor’s Degree in Engineering, Computer Science, or 8 years IT field experience in lieu of degree; Master’s Degree preferred
- Proven expertise with assessing security controls in accordance with NIST Special Publications (i.e., NIST 800 Series)
- Proven in-depth knowledge of cybersecurity principles, technologies, and processes.
- Experience with NIST 800-53, Security Development
- Familiarity with performing assessments within cloud environments
- Familiarity with performing assessments for Unclassified and Classified environments
- Ability to adapt to process changes
- Ability to interface with senior leadership
- Ability to support high visibility or high priority projects
- Possession of excellent oral and written communication skills
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
Tags: ACAS Audits Clearance Clearance Required Cloud Compliance Computer Science DoD NIST NIST 800-53 POA&M Risk management RMF Security assessment Top Secret Vulnerabilities