Information Systems Security Manager - REF1244P

Company Description

At Elbit Systems of America (ESA), we spend our days working on exciting and meaningful innovative solutions that protect and save lives. From providing solutions for our warfighters and commercial pilots, to providing lifesaving medical instrumentation and homeland security technologies, the employees of Elbit Systems of America understand the value of their work and why we do what we do each and every day. We are looking for extraordinary people to join us in making a difference in the lives of others.

Job Description

The Information Systems Security Manager is responsible for maintaining compliance with applicable security regulations and performing all security related duties as required at the assigned facility(ies). This entails the design and successful execution of an IT security program which exceeds customer expectations, and minimizes security risks. He or she must apply a comprehensive knowledge of information technology security principles, practices and procedures to develop, implement, and manage the overall information system security program to support the FSO of the facility. Ensures assigned Information Systems (IS) are properly managed, according to the32 CFR Part 117 the National Industrial Security Program Operating Manual (NISPOM) and other security directives as required.

• Establishes, documents, implements, and monitors the Information System (IS) Security Program and related procedures for the facility.
• Ensures Information System (IS) compliance in accordance with the Risk Management Framework (RMF), National Industrial Security Program Operating Manual (NISPOM) and the DCSA Assessment and Authorization Process manual (DAAPM).
• Ensure that other supported policies and procedures may be required for the certification and accreditation process which maybe mandated by the Customer or other U.S. Government agency.
• Ensures the development, documentation and presentation of IS security education, awareness and training activities for IS personnel, users, and others, as appropriate.
• Conduct self-inspections to ensure that the IS function is operating as accredited and that accreditation conditions have not changed.
• Ensures the development of facility procedures to govern marking, handling, controlling, removing, transporting, sanitizing, reusing, and destroying media and equipment containing classified information.
• Reports IS security incidents to the Facility Security Officer; assuring proper protection or corrective measures have been taken when an incident/vulnerability has been discovered.
• Implements security features for the detection of malicious code, viruses, and intruders (hackers), as appropriate or needed.
• Inform the Customer, U.S Government Defense Counterintelligence and Security Agency (DCSA), and FSO of security relevant changes to accredited information systems as required.
• Responsible for developing and maintaining an IS security audit and accountability program.
• If applicable, responsible for the oversight and continued training and education of Information System Security Officer(s) (ISSO).
• Ability to translate understanding of the organization's goals and objectives into compliance requirements.
• Provides quarterly updates and presentations regarding program status.
• Solid understanding of project management principles.
• Other assigned duties, as assigned by the CISO, related to security investigations.
• May require international travel and passport: How much travel – < 25%

Note: Due to unique work requirements this position will require you to work onsite.   There is no option for remote work.   

Qualifications

• BS in Computer Science or Information Security-Required
• 5-10 years' experience in Functional, Management, and Industry
• Ability to qualify for a security clearance

Certifications/Licenses: (DoD 8570.01-M IAM Level I/II certification)

Preferred certifications that meet the basic requirement for Information Assurance Manager (IAM) Level II, per DoD 8570.01-M, January 24, 2012:

• ISC2 Certified Authorization Professional (CAP)
• ISC2 Certified Information System Security Professional (CISSP (or Associate))
• ISACA Certified Information Security Manager (CISM)
• CompTIA Advanced Security Practitioner (CASP)
• GIAC Security Leadership (GSLC)

Knowledge, Skills, Abilities Required (Unique and Measurable):

• Expert knowledge of the Risk Management Framework (RMF), 32 CFR Part 117 National Industrial Security Program Operating Manual (NISPOM), and the DCSA Assessment and Authorization Process manual (DAAPM).
• Expert knowledge of National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 controls, based on NIST SP 800-53r5, as they are mapped to the corresponding NISPOM and RMF references.
• Working knowledge of SCAP and STIG Viewer.
• Experience/Knowledge of the Windows and Linux Operating Systems.
• Highly proficient with productivity software such as Microsoft Word, Excel, PowerPoint, and Outlook.
• Proven analytical and problem-solving experience.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Excellent, written, oral, and interpersonal communication skills.
• Ability to present ideas in a business-friendly and user-friendly (non-technical) language.
• Highly self-motivated and directed.

#LI-BC1

Additional Information

All your information will be kept confidential according to EEO guidelines.