Description

ASEC is an award winning, employee-owned small business focused on providing value and innovation in the areas of engineering, training, logistics, and flight services. Doing what is right for the Warfighter is reflected in everything we do. We have an opportunity for an Information Systems Security Manager (ISSM). This will be an on-site position based at MCAS Beaufort, SC. Projected start date for this work will be mid-October 2022. 

As the Information Systems Security Manager, duties performed include:

• Serving as a Subject Matter Expert with respect to National-level Security Policies to include ICD 503, NIST SP-800 Series, and CNSS Instruction 1253.
• Communicating and interacting with all system stakeholders to include Senior Management and the Authorizing Official.
• Ensuring ISSOs and stakeholders follow all information security policies, standards, and methodologies to obtain and/or maintain security authorizations for information systems.
• Providing support to the customer organizations in maintaining the appropriate operational IA posture for a systems, programs, or enclaves.
• Providing support to the Government on all matters (technical and otherwise) involving the security of the information system.
• Assisting in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis.
• Guiding the development and updating of the system security plan, as well as managing and controlling changes to the system and assessing the security impact of those changes.
• Providing support to plan, coordinate, and implement IT security programs and policies.
• Providing configuration management guidance for security-relevant information system software, hardware, and firmware.

Requirements

Education, Skills, and Experience:

• B.S. computer science, Information System Management from an ABET-accredited institution or IA/CS technology field is required.
• In lieu of a degree 10 years of information system security officer/ cybersecurity engineering experience is required.
• 10 years of experience within the following:
• Engineering experience with 5 years of Information Assurance/Cybersecurity (IA/CS) experience.
• Risk Management Framework (RMF) DODI 8510.0 I.
• Security controls and implementation delineated in Committee of National Security Systems Instruction (CNSSI) 1253 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, and the Joint Special Access Program Implementation Guide (JSIG).
• Performing vulnerability assessments using Assured Compliance Assessment Solution (ACAS), Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks.
• Implementing operating systems and network devices security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides.
• Security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems.
• Identifying Common Criteria and National Information Assurance Partnership (NlAP) certified technologies and the DISA Approved Products List (APL).
• Development of IA related acquisition documents.
• Experience with using the Joint Special Access Program Implementation Guide processes.

Certification Requirements:

• Possess DoD Approved Baseline Certification as Information Assurance Manager Level II in accordance with DOD 8570.0l-M. (i.e., ClSSP, GSLC or CISM)

Security Clearance Requirements:

• This position requires U.S. citizenship and an active DoD Top Secret security clearance. Position is subject to a government security investigation; qualified candidates must meet eligibility requirements for access to classified information.

We recruit, employ, train, compensate, and promote the most qualified persons for employment without regard to race, color, religion, sex, national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, genetic information, or any other status protected by law. ASEC will not discharge or in any other manner discriminate against employees or applicants because they choose to inquire about, discuss, or disclose their own compensation or the compensation of another employee or applicant.

If you’d like more information about your EEO rights as an applicant under the law, please click here.