Info Systems Security Mgr Job Listing at SPA in Huntsville, AL (Job ID 22423)

Description

Overview

Intrepid, an SPA Company, brings more than 20 years of experience supporting the Department of Defense and U.S. Government, consistently setting the standard for excellence in the federal marketplace. Committed to advancing the mission of the U.S. Warfighter, Intrepid leverages technological superiority to deliver innovative solutions across air, space, land, and sea domains. We are proud to foster a collaborative, dynamic work environment, offering competitive compensation and an industry-leading 401k contribution. Our team is built through merit and achievement, and we're always looking for the best and brightest to join us in our growth. We treat our people like family, we are mission-focused, and we give back! Join us today.

The Cybersecurity Team under Intrepids's Information Technology Department establishes and maintains a robust cybersecurity posture and policy architecture across Intrepid's information systems. The team manages cyber policy, develops control implementations and system security plans, continuously monitors systems, and performs routine cyber operations including patching, auditing, and incident response. Cybersecurity is critical to Intrepid's mission, therefore we strive to offer secure solutions that ensure data is protected while meeting the needs of the business.

In this role, you will serve as the Information Systems Security Manager for multiple systems operating under Intrepid's Army Integrated Engineering Group (AIEG). This requires the individual to operate with autonomy while interfacing directly with ISSOs, Administrators, clients, and leaders overseeing the business unit's operation.

SPA has an immediate need for an Information Systems Security Manager. 

With minimal supervision, the Information System Security Manager (ISSM) maintains day-to-day Cybersecurity posture and continuous monitoring of classified information systems.  The ISSM conducts reviews and technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.  In this role, you will report to the Deputy CISO while preparing and maintaining security Assessment and Authorization (A&A) documentation, performing audits, leading incident response activities, interfacing with Government personnel, and maintaining a thorough understanding of NIST 800-53 controls and other Government directed actions. As the ISSM, you will be expected to collaborate with Intrepid and Government members to respond to data calls, support technical reviews and formal government-driven assessments.

Required Qualifications:

• Active Secret security clearance
• Master's degree in an Information Technology related field or a Bachelor's degree with equivalent work experience and certifications
• Minimum of 10 years' experience in information system security with 5 or more year's direct experience as an ISSM, ISSP, Security Control Assessor (SCA), or equivalent position
• Must meet Department of Defense 8140 certification requirements at IAM Level II; acceptable certifications include CISSP, CISM, GSLC, and CAP
• A minimum of 3 years of direct experience with RMF artifacts, obtaining and maintaining system ATOs, and implementing new and complex technologies at multiple classification levels within large enterprise environments
• A minimum of 3 years of direct experience performing a continuous monitoring and the cybersecurity hygiene of windows/linux domains and network enclaves
• A minimum of 5 years of direct experience working with federal/government agencies in sensitive and classified environments
• A minimum of 3 years of direct experience with Risk Management Framework (RMF), NIST 800-53, DAAPM or DAAG, and other legal and regulatory guidance
• Ability to exercise independent judgment and to work autonomously with minimal supervision

Desired Qualifications: 

• Experience configuring systems for compliance using a myriad of Security Technical Implementation Guides (STIGs) and STIG Viewer
• Direct experience managing Government inspections of classified systems including Command Cyber Readiness Inspections (CCRIs) and Cybersecurity Operational Readiness Assessments (CORAs)
• Direct experience managing the system lifecycle of connected classified systems including Secret Defense Research and Engineering Network (SDREN) and Secret Internet Protocol Router Network (SIPRNET) systems

Required Qualifications:

• Active Secret security clearance
• Master's degree in an Information Technology related field or a Bachelor's degree with equivalent work experience and certifications
• Minimum of 10 years' experience in information system security with 5 or more year's direct experience as an ISSM, ISSP, Security Control Assessor (SCA), or equivalent position
• Must meet Department of Defense 8140 certification requirements at IAM Level II; acceptable certifications include CISSP, CISM, GSLC, and CAP
• A minimum of 3 years of direct experience with RMF artifacts, obtaining and maintaining system ATOs, and implementing new and complex technologies at multiple classification levels within large enterprise environments
• A minimum of 3 years of direct experience performing a continuous monitoring and the cybersecurity hygiene of windows/linux domains and network enclaves
• A minimum of 5 years of direct experience working with federal/government agencies in sensitive and classified environments
• A minimum of 3 years of direct experience with Risk Management Framework (RMF), NIST 800-53, DAAPM or DAAG, and other legal and regulatory guidance
• Ability to exercise independent judgment and to work autonomously with minimal supervision

Desired Qualifications: 

• Experience configuring systems for compliance using a myriad of Security Technical Implementation Guides (STIGs) and STIG Viewer
• Direct experience managing Government inspections of classified systems including Command Cyber Readiness Inspections (CCRIs) and Cybersecurity Operational Readiness Assessments (CORAs)
• Direct experience managing the system lifecycle of connected classified systems including Secret Defense Research and Engineering Network (SDREN) and Secret Internet Protocol Router Network (SIPRNET) systems

With minimal supervision, the Information System Security Manager (ISSM) maintains day-to-day Cybersecurity posture and continuous monitoring of classified information systems.  The ISSM conducts reviews and technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.  In this role, you will report to the Deputy CISO while preparing and maintaining security Assessment and Authorization (A&A) documentation, performing audits, leading incident response activities, interfacing with Government personnel, and maintaining a thorough understanding of NIST 800-53 controls and other Government directed actions. As the ISSM, you will be expected to collaborate with Intrepid and Government members to respond to data calls, support technical reviews and formal government-driven assessments.