Information Systems Security Manager (ISSM)

Company Description

Abacus Technology Corporation is a Federal government contractor and provider of enterprise information technology (IT) services and solutions.  For nearly 40 years, we’ve developed effective partnerships with government and industry to tackle business challenges and pressures for Federal Defense, Civilian, and Intelligence customers.  Abacus maintains core competencies in: IT Infrastructure Support, Network Operations and Maintenance, Communication Solutions, Systems Engineering and Integration, Cyber Security / Information Assurance, Application Development, Program Management, and Business Transformation.

Job Description

Ensure compliance with cybersecurity requirements in accordance with DoD and DoD Component cybersecurity and information assurance policies and guidance.  Support the PM in development of a POA&M and budget that addresses the implementation of cybersecurity requirements throughout the lifecycle of the system.  Identify a cybersecurity team; the PM can designate the ISSM to chair a Cybersecurity Working-level Integrated Product Team (WIPT) or sub-WIPT, executed under the authority of the Systems Engineering WIPT.  Support implementation of the RMF.  Maintain and report systems assessment and authorization status and issues in accordance with DoD component guidance.  Provide direction to the Information System Security Officer (ISSO) in accordance with DoDI 8500.01.  Coordinate with the organization’s security manager to ensure issues affecting the organization's overall security are addressed appropriately.  Continuously monitor the system or information environment for security-relevant events and configuration changes that negatively affect security posture.  Periodically assesses the quality of security controls implementation against performance indicators.  Immediately report any significant change in the security posture of the system, and recommended mitigations, to the Security Control Assessor (SCA) and AO.  Recommend to the SCA or AO a reassessment of any or all security controls at any time, as appropriate.  Ensure that SSE processes are aligned to, and adequately documented in the program's SEP and PPP, and are executed with sufficient rigor to ensure required security controls are implemented, resulting in the lowest level of residual risk to system operation.  Ensure that cybersecurity inputs to program acquisition documents are prepared.  Maintain situational awareness and initiate actions to improve or restore IA posture as well as conducting annual security reviews of all IA controls and a test of selected IA controls.  Complete and maintain appropriate IA certification JAW AFMAN 33-285.

Qualifications

15+ years experience in cyber security or information assurance including at least 5 years in a DoD environment.  Bachelor’s degree in a related field.  Must hold one of the following certifications: CISSP, CISM, GSLC, or CCISO.  Experience with the certification and accreditation process.  Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems.  Knowledge of intrusion prevention and network access control tools/systems.  Understanding of system audit principles and security risk assessment.  Strong understanding of security policy advocated by the U.S. Government including the Department of Defense and appropriate civil agencies, e.g., NIST.  General experience includes development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented.  Must have a solid understanding of network infrastructure and mission assurance.  Familiar with Federal government and DOD standards for IA/security including DIACAP, FISMA, NIST, and OMB.  Must have solid communications skills and be capable of working with all levels of an organization.  Must be a US Citizen and hold a current Secret clearance.

Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.

Additional Information

All your information will be kept confidential according to EEO guidelines.