Information Systems Security Manager (ISSM)
Hanscom Air Force Base, MA, United States
Abacus Technology
Company Description
Abacus Technology Corporation is a Federal government contractor and provider of enterprise information technology (IT) services and solutions. For nearly 40 years, we’ve developed effective partnerships with government and industry to tackle business challenges and pressures for Federal Defense, Civilian, and Intelligence customers. Abacus maintains core competencies in: IT Infrastructure Support, Network Operations and Maintenance, Communication Solutions, Systems Engineering and Integration, Cyber Security / Information Assurance, Application Development, Program Management, and Business Transformation.
Job Description
Ensure compliance with cybersecurity requirements in accordance with DoD and DoD Component cybersecurity and information assurance policies and guidance. Support the PM in development of a POA&M and budget that addresses the implementation of cybersecurity requirements throughout the lifecycle of the system. Identify a cybersecurity team; the PM can designate the ISSM to chair a Cybersecurity Working-level Integrated Product Team (WIPT) or sub-WIPT, executed under the authority of the Systems Engineering WIPT. Support implementation of the RMF. Maintain and report systems assessment and authorization status and issues in accordance with DoD component guidance. Provide direction to the Information System Security Officer (ISSO) in accordance with DoDI 8500.01. Coordinate with the organization’s security manager to ensure issues affecting the organization's overall security are addressed appropriately. Continuously monitor the system or information environment for security-relevant events and configuration changes that negatively affect security posture. Periodically assesses the quality of security controls implementation against performance indicators. Immediately report any significant change in the security posture of the system, and recommended mitigations, to the Security Control Assessor (SCA) and AO. Recommend to the SCA or AO a reassessment of any or all security controls at any time, as appropriate. Ensure that SSE processes are aligned to, and adequately documented in the program's SEP and PPP, and are executed with sufficient rigor to ensure required security controls are implemented, resulting in the lowest level of residual risk to system operation. Ensure that cybersecurity inputs to program acquisition documents are prepared. Maintain situational awareness and initiate actions to improve or restore IA posture as well as conducting annual security reviews of all IA controls and a test of selected IA controls. Complete and maintain appropriate IA certification JAW AFMAN 33-285.
Qualifications
15+ years experience in cyber security or information assurance including at least 5 years in a DoD environment. Bachelor’s degree in a related field. Must hold one of the following certifications: CISSP, CISM, GSLC, or CCISO. Experience with the certification and accreditation process. Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems. Knowledge of intrusion prevention and network access control tools/systems. Understanding of system audit principles and security risk assessment. Strong understanding of security policy advocated by the U.S. Government including the Department of Defense and appropriate civil agencies, e.g., NIST. General experience includes development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented. Must have a solid understanding of network infrastructure and mission assurance. Familiar with Federal government and DOD standards for IA/security including DIACAP, FISMA, NIST, and OMB. Must have solid communications skills and be capable of working with all levels of an organization. Must be a US Citizen and hold a current Secret clearance.
Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.
Additional Information
All your information will be kept confidential according to EEO guidelines.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISM CISSP Clearance Compliance DIACAP DoD FISMA GSLC Intrusion prevention IT infrastructure NIST POA&M Risk assessment RMF Vulnerability management
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs