The Information System Security Manager (ISSO) provides protection and safeguarding of information systems under the guidance of the Information System Security Manager (ISSM) and works closely with the Information System Owner on assigned government-authorized systems, corporate network, and corporate engineering systems. The ISSO will have the detailed knowledge and expertise required to manage the security aspects of an information system and is assigned responsibility for the day-to-day security operations of a system.

Essential Functions:

• Recommend department training needs and security tools acquisition and or training. Works with IT Admin functions to ensure security auditing tools are working as designed and optimized to present alerts and information for conducting audit reviews.
• Works with Program/Industrial Security to prepare, participate in, and remediate Customer inspection activities or findings. Builds strong coalitions with these functional teams to ensure the overall success of the Cybersecurity Programs.
• Authoring and maintaining Body of Evidence (BOE) artifacts under the guidance of the ISSM in support of Assessment & Authorization (A&A) of assigned systems in accordance with Risk Management Framework (RMF)
• Oversees and coordinates security control assessments and Continuous Monitoring Plans for the program
• Working with the ISSM and IT system administration to develop system hardening guides following DISA and NIST guidelines
• Experience with applying and adhering to DoD Secure Technical Implementation Guidelines (STIGs) and CIS Benchmarks
• Responsible for tracking and resolution of POA&Ms
• Ensuring all systems are rigorously monitored for anomalous activity
• Investigating security incidents such as data spills and malicious events
• Assisting the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM

Qualifications:

• Bachelor's Degree and minimum 3 years of prior relevant experience. Graduate Degree and a minimum of 2 years of prior related experience. In lieu of a degree, minimum of 10 years of prior related experience.
• Active Top Secret security clearance required
• DoD 8570 IAT-Level II, IAM-Level I certification
• Experience as an ISSO managing cybersecurity on classified systems under DAAPM, JSIG, ICD 503, and/or NIST 800-53.
• Experience as an ISSO managing cybersecurity on unclassified systems under NIST 800-171.
• Experience developing, managing, and providing evidence to close POA&Ms associated with the A&A and project management processes
• Experience with DISA STIGs and SCAP Compliance Checker
• Experience interpreting vulnerability scanning and security log results (Nessus, Splunk)

Preferred Additional Skills:

• ISSO experience with eMASS
• Experience with audit reduction tools like Splunk
• Experience with Linux or Unix operating systems
• Flexibility to adjust to changing requirements, schedules, and priorities
• Able to socialize ideas, make recommendations, and gain team consensus
• Exceptional verbal, written, interpersonal and presentation skills, customer relationship building skills, analytical skills
• High level of personal motivation and initiative to learn and acquire new skills

Security Clearance:

• A current U.S. government security clearance is required. Qualified applicants may be subject to a security investigation and must meet minimum qualifications for access to classified information. As a result, U.S. Citizenship is required for this role. Applicants may be subject to additional security requirements.

Benefits:
A successful company begins with happy employees. Cromulence takes our company culture seriously and works hard to maintain an atmosphere that rewards people for getting the best results. What we offer to all our employees:

• Extremely competitive base salary and bonuses
• Full benefits: Medical, Dental, Vision, STD, LTD, 4 weeks of paid parental leave (all 100% paid for by Cromulence)
• 401 (K) with a hefty company matching program
• 4 weeks of Paid time off (PTO)
• 11 paid holidays
• Flexible work hours and remote work when possible
• Continuing education benefits
• Additional perks like company retreats, DEF CON trips, well-stocked kitchens & breakrooms, a sweet historic downtown office, and more!

Cromulence is a growing cybersecurity company located in historic downtown Melbourne, Florida. We specialize in Computer Network Operations Tools, Cybersecurity Competitions, advanced Program Analysis Research & Development, and Vulnerability Research.

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by federal, state or local laws. Cromulence Participates in E-Verify.

Job Type: Full-time

Benefits:

• 401(k)
• Dental insurance
• Health insurance
• Paid time off
• Vision insurance

Application Question(s):

• Are you a US citizen?

Security clearance:

• Confidential (Preferred)

Ability to Commute:

• Melbourne, FL 32901 (Preferred)

Ability to Relocate:

• Melbourne, FL 32901: Relocate before starting work (Required)

Work Location: In person