Tyto Government Solutions, Inc. has an opening for an Information System Security Manager as a part of the Defense Information Systems Agency (DISA) GSM-O II program at the Mark Center in Alexandria, VA. At a minimum, an active DoD Secret security clearance is required; Top Secret eligibility is preferred. Some remote work may be allowed.

Responsibilities:

• Senior member of team that coordinates, reviews, validates, and approves all activities, which contribute to the Assessment and Authorization (A&A) of automated information systems.
• Address physical security matters to information assessments, security tests and evaluations, preparation of Contingency Plans, and administration of Life Cycle Management and Configuration Management documentation.
• Assess the vulnerability of Automated Information Systems (AIS).
• Recommend and implement changes to IT systems in accordance with DoD directives.
• Function as a technical specialist and assess the risk management security and contingency planning programs.
• Implement measures to protect data from physical destruction or theft. Ensure that back-up procedures are in place for recovery from loss, destruction of data and program files, or from physical damage.
• Implement SOPs and periodically tests recovery procedures to ensure recovery procedures are operational.
• Develop policy and guidance, and establish implementation and oversight plans to ensure compliance with Risk Management requirements.
• Coordinate the review and evaluation of cyber security programs and effectiveness of implementation; identify problem areas; updates and establishes new requirements in response to new technologies and threats; and make recommendations to achieve a fully compliant IT architecture.
• Develop Systems Security Contingency Plans and Disaster Recovery Procedures.
• Develop and implement training and awareness programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.

Qualifications:

• Minimum DoD Secret required (program can support up to TS/SCI)
• DoD 8570 IAM Level III or IAT Level III certification.
• BS degree and 10 years of experience.
• Expert knowledge of NIST SP 800-37, CNSSI 1253, FIPS 199 and NIST SP 800-53.
• Expert in Risk Management Framework (RMF) accreditation processes.
• Expert in Risk Management with Plan of Actions and Milestones (POA&M) tracking.
• Expert in creating presentations and presenting policies, guidance, and procedures regularity.
• Experience creating metrics.
• Knowledge of the DoD Risk Assessment Methodology (DRAM).