Information Systems Security Manager

Position Responsibilities

• Perform oversight of the development, implementation and evaluation of information systems security program for assigned programs in compliance with NISPOM, DAAPM, DCID 6/3, JAFAN 6/3, ICD 503, and JSIG RMF.
• Prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, and SCTM) including participation in system categorization.
• Ensure the development, documentation, and presentation of IS security education, awareness, and training activities for users and others, as appropriate.
• Apply cyber security standards, directives, guidance and policies to special programs classified computing environments.
• Perform tasks related to compliance of Continuous Monitoring (ConMon) Plans (e.g., audit log review, security patching, software and hardware configuration management).
• Investigate security incidents to include data spills, data integrity incidents, and malicious code incidents.
• Ensure system security measures comply with applicable government policies, provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
• Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional.
• Manages Risk Management Framework (RMF) processes, product development and product maintenance for assigned systems.
• Knowledge and ability to implement and maintain a Risk Management Framework as mandated by NIST 800-37, NIST 800-53, and supporting policy.
• Experience administering the system functions including security policies and