Applied Research Associates (ARA), Inc. has an immediate need for an experienced IT Professional to serve as an Information System Security Manager (ISSM) for ARA’s Integrated Missions Systems (IMS) located in Raleigh, NC. The candidate designated as ARA’s ISSM will support multiple programs administering Information Assurance (IA) duties as the ISSM on multiple Information Systems and networks. The ISSM is responsible for compliance oversight, assessment, and operations of systems for multiple programs under their purview. ISSM will be responsible for managing the ISSO and ISSE teams by providing guidance and support pertaining to day-to-day operations. For this position, ARA will only consider applicants with an active SECRET Security Clearance or higher. Position is not eligible for remote work schedule.

What you’ll do as an Information Systems Security Manager (ISSM)

• Senior member of team that coordinates, reviews, validates, and approves all activities, which contribute to the Assessment and Authorization (A&A) of automated information systems.
• Support the Project Manager (PM) or Information System Owner (ISO) in maintaining current authorization to operate, and approval to connect for all systems and networks, and in implementing corrective actions identified in the plan of action and milestones.
• Develop policy and guidance and establish implementation and oversight plans to ensure compliance with Risk Management requirements.
• Develop a comprehensive System-level Continuous Monitoring (SLCM) strategy and monitor any proposed or actual changes to the system and its environment.
• Conduct recurring Cybersecurity reviews on information systems in accordance with DoD RMF practices, DCSA Assessment and Authorization Process Manual (DAAPM), NIST 800-53 Special Publications, customer directives, and company policies as applicable. Execute the security testing and evaluation to ensure the correct implementation of security requirements.
• Supervise and provide guidance and technical training to ISSOs, ISSEs within the IMS Cybersecurity Services team.
• Performs other duties as assigned.

Information Systems Security Manager (ISSM) Position Requirements

• Previous experience as an ISSM or ISSO is required.
• Bachelor’s degree (or equivalent) with 5-7 years of experience, or a Master’s with 3-5 years of experience.
• Must possess, at a minimum, an active Secret Security clearance.
• Experience with security assessment/hardening tools, i.e., STIGs, SCAP, ACAS, etc.
• Experience with the 32 CFR Part 117, National Industrial Security Program Operating Manual (NISPOM), DCSA Assessment and Authorization Process Manual (DAAPM), Department of Defense (DoD) regulations, Intelligence Community Directives (ICDs) and Security Technical Implementation Guides (STIGs).
• Possess strong understanding of computer operating systems (Windows and Linux), software and computer hardware.
• Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
• Possess a DoD 8570 IAM Level III professional certification or have the ability to get one within 6 months of hire (CISM, CISSP or other).
• Ability to lift and move computer equipment including workstations, servers, printers, scanners, monitors, etc.
• Ability to lift 30 pounds.

Information Systems Security Manager (ISSM) Position Preferences

• Highest degree of personal and professional integrity and ethics.
• Strong organizational and administrative skills.
• Proficient with Microsoft Word, Excel, PowerPoint, and Outlook.
• Experience with the 32 CFR Part 117, National Industrial Security Program Operating Manual (NISPOM), Department of Defense Directives 5200.01, volumes 1-4, and Intelligence Community Directive 705.
• Proficient in IA Security specifications such as Risk Management Framework (RMF) and NIST SP 800-53.
• Trained and proficient in Assured File Transfer (AFT) procedures.

About ARA:

Applied Research Associates (ARA), founded in 1979, is an international employee-owned company whose mission is to "Solve problems of national importance.” We are composed mainly of scientific engineers who create and invent applications that protect our public servants, prevent disasters to homeowners, and provide strength to our military heroes. We do not just accept the ordinary. Our motto is to 'Expand the realm of possibility.” Moreover, it is accomplished with fun and profit. The Integrated Mission Systems sector was established in Raleigh, NC in 1982. We are nationally recognized for our expertise in several different areas including weapons effects, blast and shock modeling, threat and vulnerability assessment, sensor systems, and modeling and simulation. Our team of engineers/scientists and senior-level software system developers is committed to creating smart and scalable solutions and producing the highest quality work for our customers.

Employee ownership ensures you have a voice with what happens in the company. We are also very proud of our Women’s Initiative Network (WIN), whose purpose is to motivate, support, and encourage professional career development for women to maximize career and professional accomplishments.

To find out more about what the Integrated Mission Systems Sector has to offer, visit our website at: https://www.ara.com/benefits/

Experience

• 5 - 7 years: Relevant Work Experience

Education

• Bachelors or better

Licenses & Certifications

• Cert Info Sys Secur Prof
• Comp TIA Security

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)