Information System Security Manager (ISSM)

Full Time
Arlington, VA

CSCI is seeking a well-qualified and self-motivated Information Systems Security Manager (ISSM) to support a Department of Defense (DoD) customer located in Arlington, VA. Candidates must have experience implementing and supporting infrastructures that meet and adhere to the controls defined in the DoD Intelligence Information System (DoDIIS) – Joint Security Implementation Guide (DJSIG) and the DoD Joint Special Access Program Implementation Guide (JSIG). Successful experience implementing and supporting the Risk Management Framework (RMF) as defined in the above directives is required.

All candidates require experience implementing and supporting Defense Information System Agency (DISA) Secure Technical Implementation Guides (STIG) for Red Hat Linux and Microsoft Windows Server Operating Systems.

Daily activities include:

  • Serve as an ISSM for multiple systems and ensure system processes are being followed by all personnel including privileged users.
  • Create and maintain System Security Plans (SSP), Security Control Traceability Matrixes (SCTM), Plan of Actions and Milestones (POA&M), and all other RMF documentation required for supported systems.
  • Review and evaluate RMF packages from outside organizations to provide inputs and recommendations to Authorizing Official (AO).
  • Perform SCAP Compliance Checker (SCC) scans to ensure configurations are in accordance with latest DISA STIGs.
  • Perform Nessus Security scans to ensure all known vulnerabilities are mitigated or documented within a system Plan of Actions and Milestones (POA&M).
  • Interface with external entities regarding maintaining the Authorization of existing infrastructures.
  • Perform system audits on multiple platforms and implement processes and technologies that help highlight anomalies that can be evaluated to ensure Confidentiality, Integrity, and Availability are not compromised.
  • Maintain a strong security posture for all supported infrastructures.

The candidate requires the following:

  • Excellent communication skills.
  • Strong writing skills to create and review RMF documentation.
  • Strong technical skills with Linux and Windows operating systems, along with an in-depth understanding of the RMF process.
  • Ability to work effectively with others in a way that helps foster and encourage a positive work environment.

Experience: Requires a minimum of 5 years of experience working as an Information System Security Officer (ISSO) or ISSM supporting the DCID, ICD 705, JDODIIS, JAFAN, DJSIG, and/or JSIG. Experience implementing and supporting RMF is required.
Degree: BA/BS or AA/AS in Information Technology, Cyber Security, or related discipline.
Training/Certifications: DoD 8570 Compliance. IAM Level III Certification (GSLC, CISM and/or CISSP) desired.
Travel: Minimum
U.S. Citizenship: Yes
Minimum Clearance: Applicants are required to have, at a minimum, a TOP SECRET (TS) clearance with Sensitive Compartmented Information (SCI) eligibility based on a Single Scope Background Investigation (SSBI) completed within the last 5 years. Applicants selected must be willing to submit to an initial and random counter-intelligence polygraph.

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.
CSCI stands in support of equality for and advancement of all people based solely upon the merits of abilities and actions alone, without regard to race, creed, color, sex, age, national origin or disability.

Applicants are considered for all positions, and employees are treated during
their employment without regard to their race, color, creed, religion, sex,
national origin, age, marital status, sexual orientation, military status or any
non-job-related handicap or medical condition.