Information Systems Security Engineer/Manager (ISSE/ISSM)
Bedford, Massachusetts, United States
The individual in this role, will be a member of the team implementing and overseeing all phases of the RMF process and day-to-day cybersecurity activities for DoD cloud-based systems. Primary responsibilities are listed below.
- Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF).
- Recommending policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data.
- Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
- Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations’ visions and goals.
- Conducting systems security evaluations, audits, and reviews.
- Recommending systems security contingency plans and disaster recovery procedures.
- Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
- Participating in network and systems design to ensure implementation of appropriate systems security policies.
- Facilitating the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes.
- Assessing security events to determine impact and implementing corrective actions.
- Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.
- Perform the Information System Security Engineer (ISSE) duties in an Information Assurance Workforce System Architecture and Engineering (IASAE) position as outlined in AFI 33-200, AFI 33-210 and AFMAN 33-285 for assigned systems.
- Perform the Information System Security Officer (ISSO) duties as outlined in DoDI 8510.01for assigned systems/applications.
- Perform the Information System Security Manager (ISSM) duties as outlined in DoDI8510.01 for assigned systems/applications.
Requirements
An active Secret is required for this position. Candidates who do not meet this requirement will not be considered.
Technical Areas of Expertise
- Expert knowledge of NIST RMF processes, policies, and DoD directives
- Expert ability to create and revise standard operating procedures (SOPs), work instructions (WI), and Tactics, Techniques, and Procedures (TTPs)
- Expert ability to create presentations and present policies, guidance, and procedures to varied audiences including senior leadership levels
- A demonstrated expertise in RMF process
- Customer service skills
- A demonstrated ability (including knowledge and experience) to perform tasks related to AF cyber security
- Knowledge of cloud-based solutions is a plus
Qualifications
- Active DoD Secret clearance
- DoDI 8570 IAT Level II Certification
- 3+ years of experience in DoD Cybersecurity
- In depth knowledge of DoD cyber security policies and regulations
- Experience in providing security recommendations to senior leadership
- Bachelor’s Degree and 10 years of prior experience, additional experience may be considered in lieu of degree
Benefits
Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, a unique 401K plan, and generous PTO and Federal Holidays.
Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!
Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
Tags: Audits Clearance Cloud DoD DoDD 8570 ISSE NIST Risk management TTPs Vulnerabilities
Perks/benefits: Career development Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open IPS-related jobs
- Open CEH-related jobs