Information Systems Security Manager- TS/SCI with Security Clearance
Responsibilities Peraton is seeking an Information Systems Security Manager in support of our Corporate IT Operations team.
Responsibilities:
Comply with the ISSM Roles and Responsibilities as laid out in DAAPM 2.
2, JSIG Rev 4, ICD-503, and other applicable documentation.
Maintain the Security Authorization or Assessment and Accreditation (A&A) of their assigned system(s).
Track and coordinate with the Regional Information Assurance Director and the Peraton Information Assurance Director the Security Authorization of their assigned system(s).
Deliver all required documentation using the current customer approved templates, forms, regulations, and methods.
Continuously update all Security Authorization documentation as required by the customer and in accordance with applicable Risk Management Framework (RMF) packages.
Provide advisement to stakeholders to assign resources and establish timelines to ensure the successful Security Authorization of a system.
Maintain all required documentation for their assigned system's Authority To Operate (ATO) or information system go live dates.
Document all relevant governing authority Security Controls and/or applicable departmental policies for each information system the ISSM is responsible for.
Draft Security/RMF Packages and perform any modifications throughout the lifecycle of the information system.
Work closely with the key stakeholders to identify any additional controls that are applicable to the system(s) to maintain a favorable security posture.
Perform an annual self-inspection and inventory in accordance with applicable governing authority.
Provide oversight and advisement on all proposed change requests on the accredited Information System(s) as they pertain to the potential change to the existing Controls Assessment.
Evaluate and provide advisement on all account access requests to information systems.
Ensure all software is tested and approved prior to introduction to the production environment.
Track the deployment of software to the environment.
Manage and monitor all vulnerabilities with their assigned information systems.
Generate Plan of Actions & Milestones (POA&Ms) for each non-compliant control for each accredited Information System.
Proper documentation shall be filed and updated as required.
Manage all applicable POA&Ms throughout the lifecycle of the information system.
This includes but is not limited to the drafting of well documented waivers and exceptions detailing the potential risk to the Authorizing Official.
Support the Incident Response Team in the remediation, documentation, and reporting of all incidents for the accredited system(s) under their purview.
Perform a Weekly audit (review of logs) for each accredited information system.
Participate in project discussions in support of the key stakeholders.
Provide, track, and report security requirements throughout the system life cycle of all information systems that are within the accreditation boundary.
Work closely with Office of the Chief Information Security Officer (CISO) and the Information Assurance Director (IAD) to provide guidance and oversight for all requested initiatives.
Provide timely and detailed responses to all data calls.
Provide oversight and guidance regarding requests to modify technical policies such as firewall rules, ports, protocols, etc.
for each information system.
Continuously maintain a thorough understanding of all configurations, architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols, and other relevant data for each Information System.
Qualifications Bachelor's degree or equivalent experience 8-10 years applicable professional experience Experience with Authority to Operate (ATO) process, continuous monitoring, POA&Ms, Security Authorizations (SA), NIST 800-37, NIST 800-53 Rev4/ Rev5, working with System Owners (SO) Experience with the A&A process of various customers Works well with team members CISSP, CISA or equivalent certifications (DoD 8570 IAM 2 equivalent) System Admin or other technical background Experience with Ongoing Authorizations Experience with eMASS Experience with System Compliance Check and Security Technical Implementation Guidance Experience with ACAS, Nessus, and/or other vulnerability scanners Active TS/SCI clearancePeraton Overview Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy.
As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure.
Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets.
Every day, our employees do the can't be done, solving the most daunting challenges facing our customers.
Target Salary Range $112,000 - $179,000.
This represents the typical salary range for this position based on experience and other factors.
EEO An Equal Opportunity Employer including Disability/Veteran.
Recommended Skills Architecture Auditing Certified Information Security Manager Certified Information Systems Security Professional Computer Security Firewalls (Computer Science) Estimated Salary: $20 to $28 per hour based on qualifications.
Responsibilities:
Comply with the ISSM Roles and Responsibilities as laid out in DAAPM 2.
2, JSIG Rev 4, ICD-503, and other applicable documentation.
Maintain the Security Authorization or Assessment and Accreditation (A&A) of their assigned system(s).
Track and coordinate with the Regional Information Assurance Director and the Peraton Information Assurance Director the Security Authorization of their assigned system(s).
Deliver all required documentation using the current customer approved templates, forms, regulations, and methods.
Continuously update all Security Authorization documentation as required by the customer and in accordance with applicable Risk Management Framework (RMF) packages.
Provide advisement to stakeholders to assign resources and establish timelines to ensure the successful Security Authorization of a system.
Maintain all required documentation for their assigned system's Authority To Operate (ATO) or information system go live dates.
Document all relevant governing authority Security Controls and/or applicable departmental policies for each information system the ISSM is responsible for.
Draft Security/RMF Packages and perform any modifications throughout the lifecycle of the information system.
Work closely with the key stakeholders to identify any additional controls that are applicable to the system(s) to maintain a favorable security posture.
Perform an annual self-inspection and inventory in accordance with applicable governing authority.
Provide oversight and advisement on all proposed change requests on the accredited Information System(s) as they pertain to the potential change to the existing Controls Assessment.
Evaluate and provide advisement on all account access requests to information systems.
Ensure all software is tested and approved prior to introduction to the production environment.
Track the deployment of software to the environment.
Manage and monitor all vulnerabilities with their assigned information systems.
Generate Plan of Actions & Milestones (POA&Ms) for each non-compliant control for each accredited Information System.
Proper documentation shall be filed and updated as required.
Manage all applicable POA&Ms throughout the lifecycle of the information system.
This includes but is not limited to the drafting of well documented waivers and exceptions detailing the potential risk to the Authorizing Official.
Support the Incident Response Team in the remediation, documentation, and reporting of all incidents for the accredited system(s) under their purview.
Perform a Weekly audit (review of logs) for each accredited information system.
Participate in project discussions in support of the key stakeholders.
Provide, track, and report security requirements throughout the system life cycle of all information systems that are within the accreditation boundary.
Work closely with Office of the Chief Information Security Officer (CISO) and the Information Assurance Director (IAD) to provide guidance and oversight for all requested initiatives.
Provide timely and detailed responses to all data calls.
Provide oversight and guidance regarding requests to modify technical policies such as firewall rules, ports, protocols, etc.
for each information system.
Continuously maintain a thorough understanding of all configurations, architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols, and other relevant data for each Information System.
Qualifications Bachelor's degree or equivalent experience 8-10 years applicable professional experience Experience with Authority to Operate (ATO) process, continuous monitoring, POA&Ms, Security Authorizations (SA), NIST 800-37, NIST 800-53 Rev4/ Rev5, working with System Owners (SO) Experience with the A&A process of various customers Works well with team members CISSP, CISA or equivalent certifications (DoD 8570 IAM 2 equivalent) System Admin or other technical background Experience with Ongoing Authorizations Experience with eMASS Experience with System Compliance Check and Security Technical Implementation Guidance Experience with ACAS, Nessus, and/or other vulnerability scanners Active TS/SCI clearancePeraton Overview Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy.
As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure.
Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets.
Every day, our employees do the can't be done, solving the most daunting challenges facing our customers.
Target Salary Range $112,000 - $179,000.
This represents the typical salary range for this position based on experience and other factors.
EEO An Equal Opportunity Employer including Disability/Veteran.
Recommended Skills Architecture Auditing Certified Information Security Manager Certified Information Systems Security Professional Computer Security Firewalls (Computer Science) Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
