What are the responsibilities and job description for the Information Systems Security Manager position at Digital Prospectors?
Position: Information Systems Security Manager (ISSM)
Location: Bedford, MA (On-Site 5 days/week)
Length: 6 Month Contract to Hire
*Active Top Secret Clearance Required*
* Please no agencies. Direct employees currently authorized to work in the United States – no sponsorship available.*
Job Description:
Essential Duties and Responsibilities:
- Support system/application Assessment and Authorization (A&A) efforts, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing National, DoD, and Department of the Air Force policies.
- Recommend policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data.
- Conduct risk and vulnerability assessments and inspections of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
- Evaluate threats and vulnerabilities to information systems to ascertain the need for additional safeguards.
- Review and provide inputs to modification packages, program/system documents and support agreements updates, and communications and network infrastructure upgrades to ensure proper cybersecurity configuration modification management; implementation of technical, managerial, operational requirements; and support requirements (e.g. planning, testing, test infrastructure, documentation, training, etc.) are identified.
- Review system test plans and test results and, if necessary, observe system testing for security control implementation in accordance with cybersecurity policies, guidance, and plan.
- Perform security impact analysis on any system change and appropriately prepare letters of assurance, security impact letters, and risk assessment letters to include exceptions, deviations, or waivers to cybersecurity requirements when applicable.
- Continuously monitor intelligence and open-source information for vulnerabilities affecting systems, assess risk, and provide recommendations.
- Promote awareness of security issues among management and ensure sound security principles are reflected in organizations’ visions and goals.
- Conduct systems security monitoring, evaluations, audits, and reviews.
- Recommend systems security contingency plans and disaster recovery procedures.
- Recommend and implement programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
- Participate in network and systems design to ensure implementation of appropriate systems security policies.
- Facilitate the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes.
- Assess security events to determine impact and implement corrective actions.
- Ensure the rigorous application of cybersecurity and cryptographic policies, principles, and practices throughout the system development lifecycle.
- Author, monitor, and record system information in applicable databases.
- Support the development, coordination, and implementation of cybersecurity-related special projects.
Qualifications:
- 10 years of experience in cyber security or information assurance.
- Bachelor’s degree in a related field.
- Must hold one of the following certifications: CISSP, CISM, GSLC, or CCISO.
- Experience with the certification and accreditation process.
- Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems.
- Knowledge of intrusion prevention and network access control tools/systems.
- Understanding of system audit principles and security risk assessment.
- Strong understanding of security policy advocated by the U.S. Government including the Department of Defense and appropriate civil agencies, e.g., NIST.
- Able to perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.
- Knowledge of cryptography and cryptographic key management concepts.
- General experience includes development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented.
- Must have a solid understanding of network infrastructure and mission assurance.
- Familiar with Federal government and DoD standards for IA/security including DIACAP, FISMA, NIST, and OMB.
- Must have solid communications skills and be capable of working with all levels of an organization.
POST-OFFER BACKGROUND CHECK IS REQUIRED. Digital Prospectors is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by law. Digital Prospectors affirms the right of all individuals to equal opportunity and prohibits any form of discrimination or harassment.
Come see why DPC has achieved:
- 4.9/5 Star Glassdoor rating and the only staffing company (< 1000 employees) to be voted in the national Top 10 ‘Employee’s Choice - Best Places to Work’ by Glassdoor.
- Voted ‘Best Staffing Firm to Temp/Contract For’ seven times by Staffing Industry Analysts as well as a ‘Best Company to Work For’ by Forbes, Fortune and Inc. magazine.
As you are applying, please join us in fostering diversity, equity, and inclusion by completing the Invitation to Self-Identify form today!
www.LoveYourJob.com
Job #18131
Salary: $85 - $95